From d8d9f7723337c267a8740750fe19a6387cfbb1f6 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 7 May 1998 18:19:05 +0000 Subject: created "passdb.c" which is an interface point to (at present) either smbpasswd or ldap passwd, at compile-time (-DUSE_LDAP). _none_ of the functions in ldap.c or smbpass.c should be called directly: only those in passdb.c should be used. -DUSE_LDAP is unlikely to compile at the moment. (This used to be commit 57b01ad4ffb14ebd600d4e66602b54ed987f6106) --- source3/include/proto.h | 20 ++++-- source3/nmbd/nmbd_processlogon.c | 2 +- source3/passdb/ldap.c | 22 +++++- source3/passdb/passdb.c | 149 +++++++++++++++++++++++++++++++++++++++ source3/passdb/smbpass.c | 75 +++++++++++--------- source3/rpc_server/srv_netlog.c | 60 ++++++++-------- source3/rpc_server/srv_samr.c | 26 +++---- source3/rpc_server/srv_util.c | 4 +- source3/smbd/chgpasswd.c | 78 ++++++++++---------- source3/smbd/ipc.c | 12 ++-- source3/smbd/password.c | 12 ++-- source3/smbd/reply.c | 14 ++-- 12 files changed, 334 insertions(+), 140 deletions(-) create mode 100644 source3/passdb/passdb.c (limited to 'source3') diff --git a/source3/include/proto.h b/source3/include/proto.h index 7c09113259..c6311b3068 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -36,12 +36,12 @@ BOOL chat_with_program(char *passwordprogram,char *name,char *chatsequence, BOOL BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root); BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root); BOOL check_lanman_password(char *user, unsigned char *pass1, - unsigned char *pass2, struct smb_passwd **psmbpw); -BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsigned char *pass2); + unsigned char *pass2, struct smb_passwd **psampw); +BOOL change_lanman_password(struct smb_passwd *sampw, unsigned char *pass1, unsigned char *pass2); BOOL check_oem_password(char *user, unsigned char *data, - struct smb_passwd **psmbpw, char *new_passwd, + struct smb_passwd **psampw, char *new_passwd, int new_passwd_size); -BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL override); +BOOL change_oem_password(struct smb_passwd *sampw, char *new_passwd, BOOL override); /*The following definitions come from client.c */ @@ -1558,6 +1558,18 @@ BOOL pm_process( char *FileName, BOOL (*sfunc)(char *), BOOL (*pfunc)(char *, char *) ); +/*The following definitions come from passdb.c */ + +struct smb_passwd *getsampwnam(char *name); +struct smb_passwd *getsampwuid(unsigned int uid); +void *startsampwent(BOOL update); +void endsampwent(void *vp); +struct smb_passwd *getsampwent(void *vp); +unsigned long getsampwpos(void *vp); +BOOL setsampwpos(void *vp, unsigned long tok); +BOOL add_sampwd_entry(struct smb_passwd *newpwd); +BOOL mod_sampwd_entry(struct smb_passwd* pwd, BOOL override); + /*The following definitions come from password.c */ void generate_next_challenge(char *challenge); diff --git a/source3/nmbd/nmbd_processlogon.c b/source3/nmbd/nmbd_processlogon.c index f647687db8..50b6052c67 100644 --- a/source3/nmbd/nmbd_processlogon.c +++ b/source3/nmbd/nmbd_processlogon.c @@ -201,7 +201,7 @@ reporting %s domain %s 0x%x ntversion=%x lm_nt token=%x lm_20 token=%x\n", strcpy(reply_name,"\\\\"); /* Here it wants \\LOGONSERVER. */ strcpy(reply_name+2,my_name); - smb_pass = getsmbpwnam(ascuser); + smb_pass = getsampwnam(ascuser); if(!smb_pass ) { diff --git a/source3/passdb/ldap.c b/source3/passdb/ldap.c index fedc31cbfc..d9387dfcc4 100644 --- a/source3/passdb/ldap.c +++ b/source3/passdb/ldap.c @@ -475,7 +475,7 @@ static void ldap_get_machine(LDAP *ldap_struct,LDAPMessage *entry, /******************************************************************* find a user or a machine return a smbpass struct. ******************************************************************/ -struct smb_passwd *ldap_get_smbpwd_entry(char *name, int smb_userid) +static struct smb_passwd *ldap_get_smbpwd_entry(char *name, int smb_userid) { LDAP *ldap_struct; LDAPMessage *result; @@ -560,4 +560,24 @@ struct smb_passwd *ldap_get_smbpwd_entry(char *name, int smb_userid) return(&ldap_passwd); } + +/************************************************************************ + Routine to search ldap passwd by name. +*************************************************************************/ + +struct smb_passwd *getldappwnam(char *name) +{ + return ldap_get_smbpwd_entry(name, 0); +} + +/************************************************************************ + Routine to search ldap passwd by uid. +*************************************************************************/ + +struct smb_passwd *getldappwuid(unsigned int uid) +{ + return ldap_get_smbpwd_entry(NULL, uid); +} + + #endif diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c new file mode 100644 index 0000000000..9e5b3ef145 --- /dev/null +++ b/source3/passdb/passdb.c @@ -0,0 +1,149 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + Password and authentication handling + Copyright (C) Andrew Tridgell 1992-1998 + Copyright (C) Luke Kenneth Casson Leighton 1996-1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +extern int DEBUGLEVEL; + +/************************************************************************ + Routine to search sam passwd by name. +*************************************************************************/ + +struct smb_passwd *getsampwnam(char *name) +{ +#ifdef USE_LDAP + return getldappwnam(name); +#else + return getsmbpwnam(name); +#endif /* USE_LDAP */ +} + +/************************************************************************ + Routine to search sam passwd by uid. +*************************************************************************/ + +struct smb_passwd *getsampwuid(unsigned int uid) +{ +#ifdef USE_LDAP + return getldappwuid(uid); +#else + return getsmbpwuid(uid); +#endif /* USE_LDAP */ +} + +/*************************************************************** + Start to enumerate the sam passwd list. Returns a void pointer + to ensure no modification outside this module. +****************************************************************/ + +void *startsampwent(BOOL update) +{ +#ifdef USE_LDAP + return startldappwent(update); +#else + return startsmbpwent(update); +#endif /* USE_LDAP */ +} + +/*************************************************************** + End enumeration of the sam passwd list. +****************************************************************/ + +void endsampwent(void *vp) +{ +#ifdef USE_LDAP + endldappwent(vp); +#else + endsmbpwent(vp); +#endif /* USE_LDAP */ +} + +/************************************************************************* + Routine to return the next entry in the sam passwd list. + *************************************************************************/ + +struct smb_passwd *getsampwent(void *vp) +{ +#ifdef USE_LDAP + return getldappwent(vp); +#else + return getsmbpwent(vp); +#endif /* USE_LDAP */ +} + +/************************************************************************* + Return the current position in the sam passwd list as an unsigned long. + This must be treated as an opaque token. + *************************************************************************/ +unsigned long getsampwpos(void *vp) +{ +#ifdef USE_LDAP + return getldappwpos(vp); +#else + return getsmbpwpos(vp); +#endif /* USE_LDAP */ +} + +/************************************************************************* + Set the current position in the sam passwd list from unsigned long. + This must be treated as an opaque token. + *************************************************************************/ +BOOL setsampwpos(void *vp, unsigned long tok) +{ +#ifdef USE_LDAP + return setldappwpos(vp, tok); +#else + return setsmbpwpos(vp, tok); +#endif /* USE_LDAP */ +} + +/************************************************************************ + Routine to add an entry to the sam passwd file. +*************************************************************************/ + +BOOL add_sampwd_entry(struct smb_passwd *newpwd) +{ +#ifdef USE_LDAP + return add_ldappwd_entry(newpwd); +#else + return add_smbpwd_entry(newpwd); +#endif /* USE_LDAP */ +} + +/************************************************************************ + Routine to search the sam passwd file for an entry matching the username. + and then modify its password entry. We can't use the startsampwent()/ + getsampwent()/endsampwent() interfaces here as we depend on looking + in the actual file to decide how much room we have to write data. + override = False, normal + override = True, override XXXXXXXX'd out password or NO PASS +************************************************************************/ + +BOOL mod_sampwd_entry(struct smb_passwd* pwd, BOOL override) +{ +#ifdef USE_LDAP + return mod_ldappwd_entry(pwd, override); +#else + return mod_smbpwd_entry(pwd, override); +#endif /* USE_LDAP */ +} + diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c index 56eade7cd3..defadadf69 100644 --- a/source3/passdb/smbpass.c +++ b/source3/passdb/smbpass.c @@ -17,6 +17,17 @@ * Mass Ave, Cambridge, MA 02139, USA. */ +/*X*X*X*X*X*X*X**X*X*X*X*X*X*X**X*X*X*X*X*X*X*X*X*X*X*X*X*X*X*X* + *X*X*X*X*X*X*X**X*X*X*X*X*X*X**X*X*X*X*X*X*X*X*X*X*X*X*X*X*X*X* + *X*X*X*X*X*X*X**X*X*X*X*X*X*X**X*X*X*X*X*X*X*X*X*X*X*X*X*X*X*X* + + DO NOT CALL ANY OF THE ROUTINES IN THIS MODULE DIRECTLY. + USE passdb.c INSTEAD. + + *X*X*X*X*X*X*X**X*X*X*X*X*X*X**X*X*X*X*X*X*X*X*X*X*X*X*X*X*X*X* + *X*X*X*X*X*X*X**X*X*X*X*X*X*X**X*X*X*X*X*X*X*X*X*X*X*X*X*X*X*X* + *X*X*X*X*X*X*X**X*X*X*X*X*X*X**X*X*X*X*X*X*X*X*X*X*X*X*X*X*X*X*/ + #include "includes.h" extern int DEBUGLEVEL; @@ -112,7 +123,10 @@ static BOOL pw_file_unlock(int fd, int *plock_depth) /*************************************************************** Start to enumerate the smbpasswd list. Returns a void pointer to ensure no modification outside this module. -****************************************************************/ + + do not call this function directly. use passdb.c instead. + + ****************************************************************/ void *startsmbpwent(BOOL update) { @@ -192,6 +206,9 @@ static int gethexpwd(char *p, char *pwd) /************************************************************************* Routine to return the next entry in the smbpasswd list. + + do not call this function directly. use passdb.c instead. + *************************************************************************/ struct smb_passwd *getsmbpwent(void *vp) @@ -482,8 +499,10 @@ struct smb_passwd *getsmbpwent(void *vp) /************************************************************************* Return the current position in the smbpasswd list as an unsigned long. This must be treated as an opaque token. -*************************************************************************/ + do not call this function directly. use passdb.c instead. + +*************************************************************************/ unsigned long getsmbpwpos(void *vp) { return (unsigned long)ftell((FILE *)vp); @@ -492,8 +511,10 @@ unsigned long getsmbpwpos(void *vp) /************************************************************************* Set the current position in the smbpasswd list from unsigned long. This must be treated as an opaque token. -*************************************************************************/ + do not call this function directly. use passdb.c instead. + +*************************************************************************/ BOOL setsmbpwpos(void *vp, unsigned long tok) { return !fseek((FILE *)vp, tok, SEEK_SET); @@ -503,7 +524,6 @@ BOOL setsmbpwpos(void *vp, unsigned long tok) Routine to search the smbpasswd file for an entry matching the username or user id. if the name is NULL, then the smb_uid is used instead. *************************************************************************/ - static struct smb_passwd *get_smbpwd_entry(char *name, int smb_userid) { struct smb_passwd *pwd = NULL; @@ -549,31 +569,25 @@ static struct smb_passwd *get_smbpwd_entry(char *name, int smb_userid) } /************************************************************************ - Routine to search smbpasswd by name. + Routine to search smb passwd by name. *************************************************************************/ struct smb_passwd *getsmbpwnam(char *name) { -#ifdef USE_LDAP - return ldap_get_smbpwd_entry(name, 0); -#else /* USE_LDAP */ return get_smbpwd_entry(name, 0); -#endif /* USE_LDAP */ } + /************************************************************************ - Routine to search smbpasswd by uid. + Routine to search smb passwd by uid. *************************************************************************/ struct smb_passwd *getsmbpwuid(unsigned int uid) { -#ifdef USE_LDAP - return ldap_get_smbpwd_entry(NULL, uid); -#else /* USE_DLAP */ return get_smbpwd_entry(NULL, uid); -#endif /* USE_LDAP */ } + /********************************************************** Encode the account control bits into a string. **********************************************************/ @@ -585,24 +599,15 @@ char *encode_acct_ctrl(uint16 acct_ctrl) *p++ = '['; - if(acct_ctrl & ACB_HOMDIRREQ) - *p++ = 'H'; - if(acct_ctrl & ACB_TEMPDUP) - *p++ = 'T'; - if(acct_ctrl & ACB_NORMAL) - *p++ = 'U'; - if(acct_ctrl & ACB_MNS) - *p++ = 'M'; - if(acct_ctrl & ACB_WSTRUST) - *p++ = 'W'; - if(acct_ctrl & ACB_SVRTRUST) - *p++ = 'S'; - if(acct_ctrl & ACB_AUTOLOCK) - *p++ = 'L'; - if(acct_ctrl & ACB_PWNOEXP) - *p++ = 'X'; - if(acct_ctrl & ACB_DOMTRUST) - *p++ = 'I'; + if (acct_ctrl & ACB_HOMDIRREQ) *p++ = 'H'; + if (acct_ctrl & ACB_TEMPDUP ) *p++ = 'T'; + if (acct_ctrl & ACB_NORMAL ) *p++ = 'U'; + if (acct_ctrl & ACB_MNS ) *p++ = 'M'; + if (acct_ctrl & ACB_WSTRUST ) *p++ = 'W'; + if (acct_ctrl & ACB_SVRTRUST ) *p++ = 'S'; + if (acct_ctrl & ACB_AUTOLOCK ) *p++ = 'L'; + if (acct_ctrl & ACB_PWNOEXP ) *p++ = 'X'; + if (acct_ctrl & ACB_DOMTRUST ) *p++ = 'I'; *p++ = ']'; *p = '\0'; @@ -611,6 +616,9 @@ char *encode_acct_ctrl(uint16 acct_ctrl) /************************************************************************ Routine to add an entry to the smbpasswd file. + + do not call this function directly. use passdb.c instead. + *************************************************************************/ BOOL add_smbpwd_entry(struct smb_passwd *newpwd) @@ -742,6 +750,9 @@ Error was %s. Password file may be corrupt ! Please examine by hand !\n", in the actual file to decide how much room we have to write data. override = False, normal override = True, override XXXXXXXX'd out password or NO PASS + + do not call this function directly. use passdb.c instead. + ************************************************************************/ BOOL mod_smbpwd_entry(struct smb_passwd* pwd, BOOL override) diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 6229d5ea0b..76dd5dd74d 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -237,7 +237,7 @@ static BOOL get_md4pw(char *md4pw, char *mach_name, char *mach_acct) } become_root(True); - smb_pass = getsmbpwnam(mach_acct); + smb_pass = getsampwnam(mach_acct); unbecome_root(True); if (smb_pass != NULL) @@ -377,48 +377,50 @@ static void api_net_srv_pwset( int uid, /* checks and updates credentials. creates reply credentials */ if (deal_with_creds(vuser->dc.sess_key, &(vuser->dc.clnt_cred), - &(q_a.clnt_id.cred), &srv_cred)) + &(q_a.clnt_id.cred), &srv_cred)) { memcpy(&(vuser->dc.srv_cred), &(vuser->dc.clnt_cred), sizeof(vuser->dc.clnt_cred)); DEBUG(5,("api_net_srv_pwset: %d\n", __LINE__)); - pstrcpy(mach_acct, unistrn2(q_a.clnt_id.login.uni_acct_name.buffer, - q_a.clnt_id.login.uni_acct_name.uni_str_len)); + pstrcpy(mach_acct, unistrn2(q_a.clnt_id.login.uni_acct_name.buffer, + q_a.clnt_id.login.uni_acct_name.uni_str_len)); - DEBUG(3,("Server Password Set Wksta:[%s]\n", mach_acct)); + DEBUG(3,("Server Password Set Wksta:[%s]\n", mach_acct)); - become_root(True); - smb_pass = getsmbpwnam(mach_acct); - unbecome_root(True); + become_root(True); + smb_pass = getsampwnam(mach_acct); + unbecome_root(True); if (smb_pass != NULL) { - unsigned char pwd[16]; - int i; + unsigned char pwd[16]; + int i; - DEBUG(100,("Server password set : new given value was :\n")); - for(i = 0; i < 16; i++) - DEBUG(100,("%02X ", q_a.pwd[i])); - DEBUG(100,("\n")); + DEBUG(100,("Server password set : new given value was :\n")); + for(i = 0; i < 16; i++) + { + DEBUG(100,("%02X ", q_a.pwd[i])); + } + DEBUG(100,("\n")); - cred_hash3( pwd, q_a.pwd, vuser->dc.sess_key, 0); + cred_hash3( pwd, q_a.pwd, vuser->dc.sess_key, 0); - /* lies! nt and lm passwords are _not_ the same: don't care */ - smb_pass->smb_passwd = pwd; - smb_pass->smb_nt_passwd = pwd; - smb_pass->acct_ctrl = ACB_WSTRUST; + /* lies! nt and lm passwords are _not_ the same: don't care */ + smb_pass->smb_passwd = pwd; + smb_pass->smb_nt_passwd = pwd; + smb_pass->acct_ctrl = ACB_WSTRUST; - become_root(True); - ret = mod_smbpwd_entry(smb_pass,False); - unbecome_root(True); + become_root(True); + ret = mod_sampwd_entry(smb_pass,False); + unbecome_root(True); - if (ret) - { - /* hooray! */ - status = 0x0; - } - } + if (ret) + { + /* hooray! */ + status = 0x0; + } + } DEBUG(5,("api_net_srv_pwset: %d\n", __LINE__)); @@ -629,7 +631,7 @@ static void api_net_sam_logon( int uid, DEBUG(3,("User:[%s]\n", samlogon_user)); become_root(True); - smb_pass = getsmbpwnam(samlogon_user); + smb_pass = getsampwnam(samlogon_user); unbecome_root(True); if (smb_pass == NULL) diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index 353da9bd29..c8c483ac31 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -38,7 +38,7 @@ extern rid_name domain_alias_rids[]; dynamically returns the correct user info..... JRA. ********************************************************************/ -static BOOL get_smbpwd_entries(SAM_USER_INFO_21 *pw_buf, +static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int *total_entries, int *num_entries, int max_num_entries, uint16 acb_mask) @@ -51,14 +51,14 @@ static BOOL get_smbpwd_entries(SAM_USER_INFO_21 *pw_buf, if (pw_buf == NULL) return False; - vp = startsmbpwent(False); + vp = startsampwent(False); if (!vp) { - DEBUG(0, ("get_smbpwd_entries: Unable to open SMB password file.\n")); + DEBUG(0, ("get_sampwd_entries: Unable to open SMB password file.\n")); return False; } - while (((pwd = getsmbpwent(vp)) != NULL) && (*num_entries) < max_num_entries) + while (((pwd = getsampwent(vp)) != NULL) && (*num_entries) < max_num_entries) { int user_name_len = strlen(pwd->smb_name); make_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pwd->smb_name, user_name_len-1); @@ -75,7 +75,7 @@ static BOOL get_smbpwd_entries(SAM_USER_INFO_21 *pw_buf, pw_buf[(*num_entries)].acb_info = (uint16)pwd->acct_ctrl; - DEBUG(5, ("get_smbpwd_entries: idx: %d user %s, uid %d, acb %x", + DEBUG(5, ("get_sampwd_entries: idx: %d user %s, uid %d, acb %x", (*num_entries), pwd->smb_name, pwd->smb_userid, pwd->acct_ctrl)); if (acb_mask == 0 || IS_BITS_SET_SOME(pwd->acct_ctrl, acb_mask)) @@ -91,7 +91,7 @@ static BOOL get_smbpwd_entries(SAM_USER_INFO_21 *pw_buf, (*total_entries)++; } - endsmbpwent(vp); + endsampwent(vp); return (*num_entries) > 0; } @@ -295,7 +295,7 @@ static void samr_reply_enum_dom_users(SAMR_Q_ENUM_DOM_USERS *q_u, DEBUG(5,("samr_reply_enum_dom_users: %d\n", __LINE__)); become_root(True); - got_pwds = get_smbpwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, q_u->acb_mask); + got_pwds = get_sampwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, q_u->acb_mask); unbecome_root(True); make_samr_r_enum_dom_users(&r_e, total_entries, @@ -466,7 +466,7 @@ static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u, #ifndef USE_LDAP become_root(True); - got_pwds = get_smbpwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, 0); + got_pwds = get_sampwd_entries(pass, &total_entries, &num_entries, MAX_SAM_ENTRIES, 0); unbecome_root(True); #endif /* USE_LDAP */ @@ -633,7 +633,7 @@ static void samr_reply_lookup_ids(SAMR_Q_LOOKUP_IDS *q_u, /* find the user account */ become_root(True); - smb_pass = get_smbpwd_entry(user_name, 0); + smb_pass = get_sampwd_entry(user_name, 0); unbecome_root(True); if (smb_pass == NULL) @@ -825,7 +825,7 @@ static void samr_reply_open_user(SAMR_Q_OPEN_USER *q_u, } become_root(True); - smb_pass = getsmbpwuid(q_u->user_rid); + smb_pass = getsampwuid(q_u->user_rid); unbecome_root(True); /* check that the RID exists in our domain. */ @@ -896,7 +896,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid) struct smb_passwd *smb_pass; become_root(True); - smb_pass = getsmbpwuid(rid); + smb_pass = getsampwuid(rid); unbecome_root(True); if (smb_pass == NULL) @@ -1117,7 +1117,7 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u, if (status == 0x0) { become_root(True); - smb_pass = getsmbpwuid(rid); + smb_pass = getsampwuid(rid); unbecome_root(True); if (smb_pass == NULL) @@ -1213,7 +1213,7 @@ static void api_samr_unknown_32( int uid, prs_struct *data, prs_struct *rdata) q_u.uni_mach_acct.uni_str_len)); become_root(True); - smb_pass = getsmbpwnam(mach_acct); + smb_pass = getsampwnam(mach_acct); unbecome_root(True); if (smb_pass != NULL) diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index 898269dc4a..a84dbb43ef 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -406,7 +406,7 @@ uint32 lookup_user_name(uint32 rid, char *user_name, uint32 *type) /* ok, it's a user. find the user account */ become_root(True); - smb_pass = getsmbpwuid(rid); /* lkclXXXX SHOULD use rid mapping here! */ + smb_pass = getsampwuid(rid); /* lkclXXXX SHOULD use rid mapping here! */ unbecome_root(True); if (smb_pass != NULL) @@ -468,7 +468,7 @@ uint32 lookup_user_rid(char *user_name, uint32 *rid) /* find the user account */ become_root(True); - smb_pass = getsmbpwnam(user_name); + smb_pass = getsampwnam(user_name); unbecome_root(True); if (smb_pass != NULL) diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 4bdfaec453..e466455aeb 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -440,56 +440,56 @@ BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root) ************************************************************/ BOOL check_lanman_password(char *user, unsigned char *pass1, - unsigned char *pass2, struct smb_passwd **psmbpw) + unsigned char *pass2, struct smb_passwd **psampw) { unsigned char unenc_new_pw[16]; unsigned char unenc_old_pw[16]; unsigned char null_pw[16]; - struct smb_passwd *smbpw; + struct smb_passwd *sampw; - *psmbpw = NULL; + *psampw = NULL; become_root(0); - smbpw = getsmbpwnam(user); + sampw = getsampwnam(user); unbecome_root(0); - if(smbpw == NULL) + if(sampw == NULL) { - DEBUG(0,("check_lanman_password: getsmbpwnam returned NULL\n")); + DEBUG(0,("check_lanman_password: getsampwnam returned NULL\n")); return False; } - if(smbpw->acct_ctrl & ACB_DISABLED) + if(sampw->acct_ctrl & ACB_DISABLED) { DEBUG(0,("check_lanman_password: account %s disabled.\n", user)); return False; } - if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) + if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ)) { unsigned char no_pw[14]; memset(no_pw, '\0', 14); E_P16((uchar *)no_pw, (uchar *)null_pw); - smbpw->smb_passwd = null_pw; - } else if (smbpw->smb_passwd == NULL) { + sampw->smb_passwd = null_pw; + } else if (sampw->smb_passwd == NULL) { DEBUG(0,("check_lanman_password: no lanman password !\n")); return False; } /* Get the new lanman hash. */ - D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); + D_P16(sampw->smb_passwd, pass2, unenc_new_pw); /* Use this to get the old lanman hash. */ D_P16(unenc_new_pw, pass1, unenc_old_pw); /* Check that the two old passwords match. */ - if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) + if(memcmp(sampw->smb_passwd, unenc_old_pw, 16)) { DEBUG(0,("check_lanman_password: old password doesn't match.\n")); return False; } - *psmbpw = smbpw; + *psampw = sampw; return True; } @@ -499,44 +499,44 @@ BOOL check_lanman_password(char *user, unsigned char *pass1, no longer be valid. ************************************************************/ -BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsigned char *pass2) +BOOL change_lanman_password(struct smb_passwd *sampw, unsigned char *pass1, unsigned char *pass2) { unsigned char unenc_new_pw[16]; unsigned char null_pw[16]; BOOL ret; - if(smbpw == NULL) + if(sampw == NULL) { DEBUG(0,("change_lanman_password: no smb password entry.\n")); return False; } - if(smbpw->acct_ctrl & ACB_DISABLED) + if(sampw->acct_ctrl & ACB_DISABLED) { - DEBUG(0,("change_lanman_password: account %s disabled.\n", smbpw->smb_name)); + DEBUG(0,("change_lanman_password: account %s disabled.\n", sampw->smb_name)); return False; } - if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) + if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ)) { unsigned char no_pw[14]; memset(no_pw, '\0', 14); E_P16((uchar *)no_pw, (uchar *)null_pw); - smbpw->smb_passwd = null_pw; - } else if (smbpw->smb_passwd == NULL) { + sampw->smb_passwd = null_pw; + } else if (sampw->smb_passwd == NULL) { DEBUG(0,("change_lanman_password: no lanman password !\n")); return False; } /* Get the new lanman hash. */ - D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); + D_P16(sampw->smb_passwd, pass2, unenc_new_pw); - smbpw->smb_passwd = unenc_new_pw; - smbpw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */ + sampw->smb_passwd = unenc_new_pw; + sampw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */ /* Now write it into the file. */ become_root(0); - ret = mod_smbpwd_entry(smbpw,False); + ret = mod_sampwd_entry(sampw,False); unbecome_root(0); return ret; @@ -547,10 +547,10 @@ BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsi ************************************************************/ BOOL check_oem_password(char *user, unsigned char *data, - struct smb_passwd **psmbpw, char *new_passwd, + struct smb_passwd **psampw, char *new_passwd, int new_passwd_size) { - struct smb_passwd *smbpw = NULL; + struct smb_passwd *sampw = NULL; int new_pw_len; fstring upper_case_new_passwd; unsigned char new_p16[16]; @@ -558,28 +558,28 @@ BOOL check_oem_password(char *user, unsigned char *data, unsigned char null_pw[16]; become_root(0); - *psmbpw = smbpw = getsmbpwnam(user); + *psampw = sampw = getsampwnam(user); unbecome_root(0); - if(smbpw == NULL) + if(sampw == NULL) { - DEBUG(0,("check_oem_password: getsmbpwnam returned NULL\n")); + DEBUG(0,("check_oem_password: getsampwnam returned NULL\n")); return False; } - if(smbpw->acct_ctrl & ACB_DISABLED) + if(sampw->acct_ctrl & ACB_DISABLED) { DEBUG(0,("check_lanman_password: account %s disabled.\n", user)); return False; } - if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) + if((sampw->smb_passwd == NULL) && (sampw->acct_ctrl & ACB_PWNOTREQ)) { unsigned char no_pw[14]; memset(no_pw, '\0', 14); E_P16((uchar *)no_pw, (uchar *)null_pw); - smbpw->smb_passwd = null_pw; - } else if (smbpw->smb_passwd == NULL) { + sampw->smb_passwd = null_pw; + } else if (sampw->smb_passwd == NULL) { DEBUG(0,("check_oem_password: no lanman password !\n")); return False; } @@ -587,7 +587,7 @@ BOOL check_oem_password(char *user, unsigned char *data, /* * Call the hash function to get the new password. */ - SamOEMhash( (unsigned char *)data, (unsigned char *)smbpw->smb_passwd, True); + SamOEMhash( (unsigned char *)data, (unsigned char *)sampw->smb_passwd, True); /* * The length of the new password is in the last 4 bytes of @@ -619,7 +619,7 @@ BOOL check_oem_password(char *user, unsigned char *data, */ D_P16(new_p16, &data[516], unenc_old_pw); - if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) { + if(memcmp(sampw->smb_passwd, unenc_old_pw, 16)) { DEBUG(0,("check_oem_password: old password doesn't match.\n")); return False; } @@ -636,7 +636,7 @@ BOOL check_oem_password(char *user, unsigned char *data, override = True, override XXXXXXXXXX'd password ************************************************************/ -BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL override) +BOOL change_oem_password(struct smb_passwd *sampw, char *new_passwd, BOOL override) { int ret; fstring upper_case_new_passwd; @@ -649,14 +649,14 @@ BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL overri E_P16((uchar *)upper_case_new_passwd, new_p16); - smbpw->smb_passwd = new_p16; + sampw->smb_passwd = new_p16; E_md4hash((uchar *) new_passwd, new_nt_p16); - smbpw->smb_nt_passwd = new_nt_p16; + sampw->smb_nt_passwd = new_nt_p16; /* Now write it into the file. */ become_root(0); - ret = mod_smbpwd_entry(smbpw,override); + ret = mod_sampwd_entry(sampw,override); unbecome_root(0); memset(upper_case_new_passwd, '\0', strlen(upper_case_new_passwd)); diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index 13a8d1347f..48c0277165 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -1649,10 +1649,10 @@ static BOOL api_SetUserPassword(int cnum,uint16 vuid, char *param,char *data, if(SVAL(*rparam,0) != NERR_Success) { - struct smb_passwd *smbpw = NULL; + struct smb_passwd *sampw = NULL; - if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &smbpw) && - change_lanman_password(smbpw,(unsigned char *)pass1,(unsigned char *)pass2)) + if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &sampw) && + change_lanman_password(sampw,(unsigned char *)pass1,(unsigned char *)pass2)) { SSVAL(*rparam,0,NERR_Success); } @@ -1675,7 +1675,7 @@ static BOOL api_SamOEMChangePassword(int cnum,uint16 vuid, char *param,char *dat { fstring user; fstring new_passwd; - struct smb_passwd *smbpw = NULL; + struct smb_passwd *sampw = NULL; char *p = param + 2; *rparam_len = 2; @@ -1703,7 +1703,7 @@ static BOOL api_SamOEMChangePassword(int cnum,uint16 vuid, char *param,char *dat fstrcpy(user,p); p = skip_string(p,1); - if(check_oem_password( user, (unsigned char *)data, &smbpw, + if(check_oem_password( user, (unsigned char *)data, &sampw, new_passwd, (int)sizeof(new_passwd)) == False) { return True; } @@ -1720,7 +1720,7 @@ static BOOL api_SamOEMChangePassword(int cnum,uint16 vuid, char *param,char *dat if(lp_unix_password_sync()) chgpasswd(user,"", new_passwd, True); - if(change_oem_password( smbpw, new_passwd, False)) { + if(change_oem_password( sampw, new_passwd, False)) { SSVAL(*rparam,0,NERR_Success); } diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 1056269490..82e3a024e1 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -429,21 +429,21 @@ update the encrypted smbpasswd file from the plaintext username and password *****************************************************************************/ BOOL update_smbpassword_file( char *user, fstring password) { - struct smb_passwd *smbpw; + struct smb_passwd *sampw; BOOL ret; become_root(0); - smbpw = getsmbpwnam(user); + sampw = getsampwnam(user); unbecome_root(0); - if(smbpw == NULL) + if(sampw == NULL) { - DEBUG(0,("update_smbpassword_file: getsmbpwnam returned NULL\n")); + DEBUG(0,("update_smbpassword_file: getsampwnam returned NULL\n")); return False; } /* Here, the flag is one, because we want to ignore the XXXXXXX'd out password */ - ret = change_oem_password( smbpw, password, True); + ret = change_oem_password( sampw, password, True); if (ret == False) DEBUG(3,("update_smbpasswd_file: change_oem_password returned False\n")); @@ -1124,7 +1124,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) return(False); } - smb_pass = getsmbpwnam(user); + smb_pass = getsampwnam(user); if (!smb_pass) { diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 50b977d49f..1567e52777 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -377,10 +377,10 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, char *smb_passwd, int smb_passlen, char *smb_nt_passwd, int smb_nt_passlen) { - struct smb_passwd *smb_trust_acct = NULL; /* check if trust account exists */ + struct smb_passwd *sam_trust_acct = NULL; /* check if trust account exists */ if (lp_security() == SEC_USER) { - smb_trust_acct = getsmbpwnam(user); + sam_trust_acct = getsampwnam(user); } else { @@ -389,7 +389,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (smb_trust_acct == NULL) + if (sam_trust_acct == NULL) { /* lkclXXXX: workstation entry doesn't exist */ DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user)); @@ -405,28 +405,28 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(smb_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) + if (!smb_password_ok(sam_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_DOMTRUST)) + if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_DOMTRUST)) { DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_SVRTRUST)) + if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_SVRTRUST)) { DEBUG(0,("session_trust_account: Server trust account %s denied by server\n",user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); return(ERROR(0, 0xc0000000|NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT)); } - if (IS_BITS_SET_ALL(smb_trust_acct->acct_ctrl, ACB_WSTRUST)) + if (IS_BITS_SET_ALL(sam_trust_acct->acct_ctrl, ACB_WSTRUST)) { DEBUG(4,("session_trust_account: Wksta trust account %s denied by server\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); -- cgit