/*
 * Unix SMB/Netbios implementation. Version 1.9. smbpasswd module. Copyright
 * (C) Jeremy Allison 1995-1998
 * 
 * This program is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License as published by the Free
 * Software Foundation; either version 2 of the License, or (at your option)
 * any later version.
 * 
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
 * more details.
 * 
 * You should have received a copy of the GNU General Public License along with
 * this program; if not, write to the Free Software Foundation, Inc., 675
 * Mass Ave, Cambridge, MA 02139, USA.
 */

#include "includes.h"

/* 
 * Password changing error codes.
 */

struct
{
  int err;
  char *message;
} pw_change_errmap[] =
{
  {5,    "User has insufficient privilege" },
  {86,   "The specified password is invalid" },
  {2226, "Operation only permitted on a Primary Domain Controller"  },
  {2242, "The password of this user has expired." },
  {2243, "The password of this user cannot change." },
  {2244, "This password cannot be used now (password history conflict)." },
  {2245, "The password is shorter than required." },
  {2246, "The password of this user is too recent to change."},
  {0, NULL}
};

/******************************************************
 Return an error message for a remote password change.
*******************************************************/

char *get_error_message(struct cli_state *cli)
{
  static fstring error_message;
  int errclass;
  int errnum;
  int i;

  /*
   * Errors are of two kinds - smb errors,
   * dealt with by cli_errstr, and rap
   * errors, whose error code is in cli.error.
   */

  cli_error(cli, &errclass, &errnum);
  if(errclass != 0)
    return cli_errstr(cli);

  sprintf(error_message, "code %d", cli->error);

  for(i = 0; pw_change_errmap[i].message != NULL; i++) {
    if (pw_change_errmap[i].err == cli->error) {
      fstrcpy( error_message, pw_change_errmap[i].message);
      break;
    }
  }

  return error_message;
}

/******************************************************
 Convert a hex password.
*******************************************************/

static int gethexpwd(char *p, char *pwd)
{
	int i;
	unsigned char   lonybble, hinybble;
	char           *hexchars = "0123456789ABCDEF";
	char           *p1, *p2;
	for (i = 0; i < 32; i += 2) {
		hinybble = toupper(p[i]);
		lonybble = toupper(p[i + 1]);

		p1 = strchr(hexchars, hinybble);
		p2 = strchr(hexchars, lonybble);
		if (!p1 || !p2)
			return (False);

		hinybble = PTR_DIFF(p1, hexchars);
		lonybble = PTR_DIFF(p2, hexchars);

		pwd[i / 2] = (hinybble << 4) | lonybble;
	}
	return (True);
}

/******************************************************
 Find a password entry by name.
*******************************************************/

static struct smb_passwd *
_my_get_smbpwnam(FILE * fp, char *name, BOOL * valid_old_pwd, 
		BOOL *got_valid_nt_entry, long *pwd_seekpos)
{
	/* Static buffers we will return. */
	static struct smb_passwd pw_buf;
	static pstring  user_name;
	static unsigned char smbpwd[16];
	static unsigned char smbntpwd[16];

	char            linebuf[256];
	unsigned char   c;
	unsigned char  *p;
	long            uidval;
	long            linebuf_len;

        pw_buf.acct_ctrl = ACB_NORMAL;

	/*
	 * Scan the file, a line at a time and check if the name matches.
	 */
	while (!feof(fp)) {
		linebuf[0] = '\0';
		*pwd_seekpos = ftell(fp);

		fgets(linebuf, 256, fp);
		if (ferror(fp))
			return NULL;

		/*
		 * Check if the string is terminated with a newline - if not
		 * then we must keep reading and discard until we get one.
		 */
		linebuf_len = strlen(linebuf);
		if (linebuf[linebuf_len - 1] != '\n') {
			c = '\0';
			while (!ferror(fp) && !feof(fp)) {
				c = fgetc(fp);
				if (c == '\n')
					break;
			}
		} else
			linebuf[linebuf_len - 1] = '\0';

		if ((linebuf[0] == 0) && feof(fp))
			break;
		/*
		 * The line we have should be of the form :-
		 * 
		 * username:uid:[32hex bytes]:....other flags presently
		 * ignored....
		 * 
		 * or,
		 * 
		 * username:uid:[32hex bytes]:[32hex bytes]:....ignored....
		 * 
		 * if Windows NT compatible passwords are also present.
		 */

		if (linebuf[0] == '#' || linebuf[0] == '\0')
			continue;
		p = (unsigned char *) strchr(linebuf, ':');
		if (p == NULL)
			continue;
		/*
		 * As 256 is shorter than a pstring we don't need to check
		 * length here - if this ever changes....
		 */
		strncpy(user_name, linebuf, PTR_DIFF(p, linebuf));
		user_name[PTR_DIFF(p, linebuf)] = '\0';
		if (!strequal(user_name, name))
			continue;

		/* User name matches - get uid and password */
		p++;		/* Go past ':' */
		if (!isdigit(*p))
			return (False);

		uidval = atoi((char *) p);
		while (*p && isdigit(*p))
			p++;

		if (*p != ':')
			return (False);

		/*
		 * Now get the password value - this should be 32 hex digits
		 * which are the ascii representations of a 16 byte string.
		 * Get two at a time and put them into the password.
		 */
		p++;
		*pwd_seekpos += PTR_DIFF(p, linebuf);	/* Save exact position
							 * of passwd in file -
							 * this is used by
							 * smbpasswd.c */
		if (*p == '*' || *p == 'X') {
			/* Password deliberately invalid - end here. */
			*valid_old_pwd = False;
			*got_valid_nt_entry = False;
			pw_buf.smb_nt_passwd = NULL;	/* No NT password (yet)*/

                        pw_buf.acct_ctrl |= ACB_DISABLED;

			/* Now check if the NT compatible password is
			   available. */
			p += 33; /* Move to the first character of the line after 
						the lanman password. */
			if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) {
				/* NT Entry was valid - even if 'X' or '*', can be overwritten */
				*got_valid_nt_entry = True;
				if (*p != '*' && *p != 'X') {
				  if (gethexpwd((char *)p,(char *)smbntpwd))
				    pw_buf.smb_nt_passwd = smbntpwd;
				}
			}
			pw_buf.smb_name = user_name;
			pw_buf.smb_userid = uidval;
			pw_buf.smb_passwd = NULL;	/* No password */
			return (&pw_buf);
		}
		if (linebuf_len < (PTR_DIFF(p, linebuf) + 33))
			return (False);

		if (p[32] != ':')
			return (False);

		if (!strncasecmp((char *)p, "NO PASSWORD", 11)) {
		  pw_buf.smb_passwd = NULL;	/* No password */
                  pw_buf.acct_ctrl |= ACB_PWNOTREQ;
		} else {
		  if(!gethexpwd((char *)p,(char *)smbpwd))
		    return False;
		  pw_buf.smb_passwd = smbpwd;
		}

		pw_buf.smb_name = user_name;
		pw_buf.smb_userid = uidval;
		pw_buf.smb_nt_passwd = NULL;
		*got_valid_nt_entry = False;
		*valid_old_pwd = True;

		/* Now check if the NT compatible password is
		   available. */
		p += 33; /* Move to the first character of the line after 
					the lanman password. */
		if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) {
			/* NT Entry was valid - even if 'X' or '*', can be overwritten */
			*got_valid_nt_entry = True;
			if (*p != '*' && *p != 'X') {
			  if (gethexpwd((char *)p,(char *)smbntpwd))
			    pw_buf.smb_nt_passwd = smbntpwd;
			}

                        p += 33; /* Move to the first character of the line after
                                    the NT password. */
		}

                /*
                 * Check if the account type bits have been encoded after the
                 * NT password (in the form [NDHTUWSLXI]).
                 */
            
                if (*p == '[') {
                  BOOL finished = False;
            
                  pw_buf.acct_ctrl = 0;
            
                  for(p++;*p && !finished; p++) {
                    switch (*p) {
#if 0
                      /* 
                       * Hmmm. Don't allow these to be set/read independently
                       * of the actual password fields. We don't want a mismatch.
                       * JRA.
                       */
                      case 'N':
                        /* 'N'o password. */
                        pw_buf.acct_ctrl |= ACB_PWNOTREQ;
                        break;
                      case 'D':
                        /* 'D'isabled. */
                        pw_buf.acct_ctrl |= ACB_DISABLED;
                        break;
#endif
                      case 'H':
                        /* 'H'omedir required. */
                        pw_buf.acct_ctrl |= ACB_HOMDIRREQ;
                        break;
                      case 'T':
                        /* 'T'emp account. */
                        pw_buf.acct_ctrl |= ACB_TEMPDUP;
                        break;
                      case 'U':
                        /* 'U'ser account (normal). */
                        pw_buf.acct_ctrl |= ACB_NORMAL;
                        break;
                      case 'M':
                        /* 'M'NS logon user account. What is this ? */
                        pw_buf.acct_ctrl |= ACB_MNS;
                        break;
                      case 'W':
                        /* 'W'orkstation account. */
                        pw_buf.acct_ctrl |= ACB_WSTRUST;
                        break;
                      case 'S':
                        /* 'S'erver account. */
                        pw_buf.acct_ctrl |= ACB_SVRTRUST;
                        break;
                      case 'L':
                        /* 'L'ocked account. */
                        pw_buf.acct_ctrl |= ACB_AUTOLOCK;
                        break;
                      case 'X':
                        /* No 'X'piry. */
                        pw_buf.acct_ctrl |= ACB_PWNOEXP;
                        break;
                      case 'I':
                        /* 'I'nterdomain trust account. */
                        pw_buf.acct_ctrl |= ACB_DOMTRUST;
                        break;
            
                      case ':':
                      case '\n':
                      case '\0': 
                      case ']':
                      default:
                        finished = True;
                    }
                  }
            
                  /* Must have some account type set. */
                  if(pw_buf.acct_ctrl == 0)
                    pw_buf.acct_ctrl = ACB_NORMAL;
            
                } else {
                  /* 'Old' style file. Fake up based on user name. */
                  /*
                   * Currently machine accounts are kept in the same
                   * password file as 'normal accounts'. If this changes
                   * we will have to fix this code. JRA.
                   */
                  if(pw_buf.smb_name[strlen(pw_buf.smb_name) - 1] == '$') {
                    pw_buf.acct_ctrl &= ~ACB_NORMAL;
                    pw_buf.acct_ctrl |= ACB_WSTRUST;
                  }
                }
		return &pw_buf;
	}
	return NULL;
}

/**********************************************************
 Encode the account control bits into a string.
**********************************************************/

char *encode_acct_ctrl(uint16 acct_ctrl)
{
  static fstring acct_str;
  char *p = acct_str;

  *p++ = '[';

  if(acct_ctrl & ACB_HOMDIRREQ)
    *p++ = 'H';
  if(acct_ctrl & ACB_TEMPDUP)
    *p++ = 'T';
  if(acct_ctrl & ACB_NORMAL)
    *p++ = 'U';
  if(acct_ctrl & ACB_MNS)
    *p++ = 'M';
  if(acct_ctrl & ACB_WSTRUST)
    *p++ = 'W';
  if(acct_ctrl & ACB_SVRTRUST)
    *p++ = 'S';
  if(acct_ctrl & ACB_AUTOLOCK)
    *p++ = 'L';
  if(acct_ctrl & ACB_PWNOEXP)
    *p++ = 'X';
  if(acct_ctrl & ACB_DOMTRUST)
    *p++ = 'I';

  *p++ = ']';
  *p = '\0';
  return acct_str;
}

/**********************************************************
 Allocate an unused uid in the smbpasswd file to a new
 machine account.
***********************************************************/

int get_new_machine_uid(void)
{
  int next_uid_start;
  FILE *fp;
  struct smb_passwd *smbpw;

  if(sizeof(uid_t) == 2)
    next_uid_start = 65533;

  if(sizeof(uid_t) == 4)
    next_uid_start = 0x7fffffff;

  fp = startsmbpwent(False);
  while((smbpw = getsmbpwent(fp)) != NULL) {
    if((smbpw->acct_ctrl & (ACB_SVRTRUST|ACB_WSTRUST)))
      next_uid_start = MIN(next_uid_start, (smbpw->smb_userid-1));
  }
  endsmbpwent(fp);
  return next_uid_start;
}

/*********************************************************
 Print command usage on stderr and die.
**********************************************************/

static void usage(char *name, BOOL is_root)
{
	if(is_root)
		fprintf(stderr, "Usage is : %s [-D DEBUGLEVEL] [-a] [-d] [-m] [-n] [username] [password]\n\
%s: [-R <name resolve order>] [-D DEBUGLEVEL] [-r machine] [username] [password]\n%s: [-h]\n", name, name, name);
	else
		fprintf(stderr, "Usage is : %s [-h] [-D DEBUGLEVEL] [-r machine] [password]\n", name);
	exit(1);
}

/*********************************************************
 Start here.
**********************************************************/

int main(int argc, char **argv)
{
  extern char *optarg;
  extern int optind;
  extern int DEBUGLEVEL;
  char *prog_name;
  int             real_uid;
  struct passwd  *pwd;
  struct passwd   machine_account_pwd;
  fstring         old_passwd;
  fstring         new_passwd;
  uchar           new_p16[16];
  uchar           new_nt_p16[16];
  char           *p;
  struct smb_passwd *smb_pwent;
  FILE           *fp;
  BOOL            valid_old_pwd = False;
  BOOL		 got_valid_nt_entry = False;
  long            seekpos;
  int             pwfd;
  char            ascii_p16[66];
  char            c;
  int             ch;
  int             ret, i, err, writelen;
  int             lockfd = -1;
  char           *pfile = SMB_PASSWD_FILE;
  char            readbuf[16 * 1024];
  BOOL is_root = False;
  pstring  user_name;
  pstring  machine_dir_name;
  char *remote_machine = NULL;
  BOOL		 add_user = False;
  BOOL		 got_new_pass = False;
  BOOL		 machine_account = False;
  BOOL		 disable_user = False;
  BOOL		 set_no_password = False;
  pstring servicesf = CONFIGFILE;

  new_passwd[0] = '\0';
  user_name[0] = '\0';

  memset(old_passwd, '\0', sizeof(old_passwd));
  memset(new_passwd, '\0', sizeof(new_passwd));

  prog_name = argv[0];

  TimeInit();

  setup_logging(prog_name,True);
  
  charset_initialise();

  if (!lp_load(servicesf,True,False,False)) {
    fprintf(stderr, "%s: Can't load %s - run testparm to debug it\n", prog_name, servicesf);
  }
    
  codepage_initialise(lp_client_code_page());

  /* Get the real uid */
  real_uid = getuid();
  
  /* Check the effective uid */
  if ((geteuid() == 0) && (real_uid != 0)) {
    fprintf(stderr, "%s: Must *NOT* be setuid root.\n", prog_name);
    exit(1);
  }

  is_root = (real_uid == 0);

  while ((ch = getopt(argc, argv, "adhmnr:R:D:")) != EOF) {
    switch(ch) {
    case 'a':
      if(is_root)
        add_user = True;
      else
        usage(prog_name, is_root);
      break;
    case 'd':
      if(is_root) {
        disable_user = True;
        got_new_pass = True;
        strcpy(new_passwd, "XXXXXX");
      } else
        usage(prog_name, is_root);
      break;
    case 'D':
      DEBUGLEVEL = atoi(optarg);
      break;
    case 'n':
      if(is_root) {
        set_no_password = True;
        got_new_pass = True;
        strcpy(new_passwd, "NO PASSWORD");
      } else
        usage(prog_name, is_root);
    case 'r':
      remote_machine = optarg;
      break;
    case 'R':
      if(is_root) {
        lp_set_name_resolve_order(optarg);
        break;
      } else
        usage(prog_name, is_root);
    case 'm':
      if(is_root) {
        machine_account = True;
      } else
        usage(prog_name, is_root);
      break;
    case 'h':
    default:
      usage(prog_name, is_root);
    }
  }

  argc -= optind;
  argv += optind;

  /*
   * Ensure add_user and remote machine are
   * not both set.
   */
  if(add_user && (remote_machine != NULL))
    usage(prog_name, True);

  if( is_root ) {

    /*
     * Deal with root - can add a user, but only locally.
     */

    switch(argc) {
      case 0:
        break;
      case 1:
        /* If we are root we can change another's password. */
        pstrcpy(user_name, argv[0]);
        break;
      case 2:
        pstrcpy(user_name, argv[0]);
        fstrcpy(new_passwd, argv[1]);
        got_new_pass = True;
        break;
      default:
        usage(prog_name, True);
    }

    if(*user_name) {
      if((pwd = getpwnam(user_name)) == NULL) {
        fprintf(stderr, "%s: User \"%s\" was not found in system password file.\n", 
                    prog_name, user_name);
        exit(1);
      }
    } else {
      if((pwd = getpwuid(real_uid)) != NULL)
        pstrcpy( user_name, pwd->pw_name);
    }

  } else {

    if(add_user) {
      fprintf(stderr, "%s: Only root can set anothers password.\n", prog_name);
      usage(prog_name, False);
    }

    if(argc > 1)
      usage(prog_name, False);

    if(argc == 1) {
      fstrcpy(new_passwd, argv[0]);
      got_new_pass = True;
    }

    if((pwd = getpwuid(real_uid)) != NULL)
      pstrcpy( user_name, pwd->pw_name);

    /*
     * A non-root user is always setting a password
     * via a remote machine (even if that machine is
     * localhost).
     */

    if(remote_machine == NULL)
      remote_machine = "127.0.0.1";
  }    
    
  if (*user_name == '\0') {
    fprintf(stderr, "%s: Unable to get a user name for password change.\n", prog_name);
    exit(1);
  }

  /*
   * If we are adding a machine account then pretend
   * we already have the new password, we will be using
   * the machinename as the password.
   */

  if(add_user && machine_account) {
    got_new_pass = True;
    strncpy(new_passwd, user_name, sizeof(fstring));
    new_passwd[sizeof(fstring)-1] = '\0';
    strlower(new_passwd);
  }

  /* 
   * If we are root we don't ask for the old password (unless it's on a
   * remote machine.
   */

  if (remote_machine != NULL) {
    p = getpass("Old SMB password:");
    fstrcpy(old_passwd, p);
  }

  if (!got_new_pass) {
    new_passwd[0] = '\0';

    p = getpass("New SMB password:");

    strncpy(new_passwd, p, sizeof(fstring));
    new_passwd[sizeof(fstring)-1] = '\0';

    p = getpass("Retype new SMB password:");

    if (strncmp(p, new_passwd, sizeof(fstring)-1))
    {
      fprintf(stderr, "%s: Mismatch - password unchanged.\n", prog_name);
      exit(1);
    }
  }
  
  if (new_passwd[0] == '\0') {
    printf("Password not set\n");
    exit(0);
  }
 
  /* 
   * Now do things differently depending on if we're changing the
   * password on a remote machine. Remember - a normal user is
   * always using this code, looping back to the local smbd.
   */

  if(remote_machine != NULL) {
    struct cli_state cli;
    struct in_addr ip;
    fstring myname;

    if(get_myname(myname,NULL) == False) {
      fprintf(stderr, "%s: unable to get my hostname.\n", prog_name );
      exit(1);
    }

    if(!resolve_name( remote_machine, &ip)) {
      fprintf(stderr, "%s: unable to find an IP address for machine %s.\n",
              prog_name, remote_machine );
      exit(1);
    }
 
    memset(&cli, '\0', sizeof(struct cli_state));
 
    if (!cli_initialise(&cli) || !cli_connect(&cli, remote_machine, &ip)) {
      fprintf(stderr, "%s: unable to connect to SMB server on machine %s. Error was : %s.\n",
              prog_name, remote_machine, get_error_message(&cli) );
      exit(1);
    }
  
    if (!cli_session_request(&cli, remote_machine, 0x20, myname)) {
      fprintf(stderr, "%s: machine %s rejected the session setup. Error was : %s.\n",
              prog_name, remote_machine, get_error_message(&cli) );
      cli_shutdown(&cli);
      exit(1);
    }
  
    cli.protocol = PROTOCOL_NT1;

    if (!cli_negprot(&cli)) {
      fprintf(stderr, "%s: machine %s rejected the negotiate protocol. Error was : %s.\n",        
              prog_name, remote_machine, get_error_message(&cli) );
      cli_shutdown(&cli);
      exit(1);
    }
  
    if (!cli_session_setup(&cli, user_name, old_passwd, strlen(old_passwd),
                           "", 0, "")) {
      fprintf(stderr, "%s: machine %s rejected the session setup. Error was : %s.\n",        
              prog_name, remote_machine, get_error_message(&cli) );
      cli_shutdown(&cli);
      exit(1);
    }               

    if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
      fprintf(stderr, "%s: machine %s rejected the tconX on the IPC$ share. Error was : %s.\n",
              prog_name, remote_machine, get_error_message(&cli) );
      cli_shutdown(&cli);
      exit(1);
    }

    if(!cli_oem_change_password(&cli, user_name, new_passwd, old_passwd)) {
      fprintf(stderr, "%s: machine %s rejected the password change: Error was : %s.\n",
              prog_name, remote_machine, get_error_message(&cli) );
      cli_shutdown(&cli);
      exit(1);
    }

    cli_shutdown(&cli);
    exit(0);
  }

  /*
   * Check for a machine account flag - make sure the username ends in
   * a '$' etc....
   */

  if(machine_account) {
    int username_len = strlen(user_name);
    if(username_len >= sizeof(pstring) - 1) {
      fprintf(stderr, "%s: machine account name too long.\n", user_name);
      exit(1);
    }

    if(user_name[username_len] != '$') {
      user_name[username_len] = '$';
      user_name[username_len+1] = '\0';
    }

    /*
     * Setup the pwd struct to point to known
     * values for a machine account (it doesn't
     * exist in /etc/passwd).
     */

    pwd = &machine_account_pwd;
    pwd->pw_name = user_name;
    sprintf(machine_dir_name, "Workstation machine account for %s", user_name);
    pwd->pw_gecos = "";
    pwd->pw_dir = machine_dir_name;
    pwd->pw_shell = "";
    pwd->pw_uid = get_new_machine_uid();
      
  }

  /* Calculate the MD4 hash (NT compatible) of the new password. */
  
  memset(new_nt_p16, '\0', 16);
  E_md4hash((uchar *) new_passwd, new_nt_p16);
  
  /* Mangle the password into Lanman format */
  new_passwd[14] = '\0';
  strupper(new_passwd);
  
  /*
   * Calculate the SMB (lanman) hash functions of the new password.
   */
  
  memset(new_p16, '\0', 16);
  E_P16((uchar *) new_passwd, new_p16);
  
  /*
   * Open the smbpaswd file XXXX - we need to parse smb.conf to get the
   * filename
   */
  fp = fopen(pfile, "r+");
  if (!fp && errno == ENOENT) {
	  fp = fopen(pfile, "w");
	  if (fp) {
		  fprintf(fp, "# Samba SMB password file\n");
		  fclose(fp);
		  fp = fopen(pfile, "r+");
	  }
  }
  if (!fp) {
	  err = errno;
	  fprintf(stderr, "%s: Failed to open password file %s.\n",
		  prog_name, pfile);
	  errno = err;
	  perror(prog_name);
	  exit(err);
  }
  
  /* Set read buffer to 16k for effiecient reads */
  setvbuf(fp, readbuf, _IOFBF, sizeof(readbuf));
  
  /* make sure it is only rw by the owner */
  chmod(pfile, 0600);

  /* Lock the smbpasswd file for write. */
  if ((lockfd = pw_file_lock(fileno(fp), F_WRLCK, 5)) < 0) {
    err = errno;
    fprintf(stderr, "%s: Failed to lock password file %s.\n",
	    prog_name, pfile);
    fclose(fp);
    errno = err;
    perror(prog_name);
    exit(err);
  }

  /* Get the smb passwd entry for this user */
  smb_pwent = _my_get_smbpwnam(fp, user_name, &valid_old_pwd, 
			       &got_valid_nt_entry, &seekpos);
  if (smb_pwent == NULL) {
    if(add_user == False) {
      fprintf(stderr, "%s: Failed to find entry for user %s in file %s.\n",
  	      prog_name, pwd->pw_name, pfile);
      fclose(fp);
      pw_file_unlock(lockfd);
      exit(1);
    }

    /* Create a new smb passwd entry and set it to the given password. */
    {
      int fd;
      int new_entry_length;
      char *new_entry;
      long offpos;
      uint16 acct_ctrl = (machine_account ? ACB_WSTRUST : ACB_NORMAL);

      /* The add user write needs to be atomic - so get the fd from 
         the fp and do a raw write() call.
       */
      fd = fileno(fp);

      if((offpos = lseek(fd, 0, SEEK_END)) == -1) {
        fprintf(stderr, "%s: Failed to add entry for user %s to file %s. \
Error was %s\n", prog_name, user_name, pfile, strerror(errno));
        fclose(fp);
        pw_file_unlock(lockfd);
        exit(1);
      }

      new_entry_length = strlen(user_name) + 1 + 15 + 1 + 
                         32 + 1 + 32 + 1 + sizeof(fstring) + 
                         1 + strlen(pwd->pw_dir) + 1 + 
                         strlen(pwd->pw_shell) + 1;
      if((new_entry = (char *)malloc( new_entry_length )) == 0) {
        fprintf(stderr, "%s: Failed to add entry for user %s to file %s. \
Error was %s\n", prog_name, pwd->pw_name, pfile, strerror(errno));
        pw_file_unlock(lockfd);
        fclose(fp);
        exit(1);
      }

      sprintf(new_entry, "%s:%u:", pwd->pw_name, (unsigned)pwd->pw_uid);
      p = &new_entry[strlen(new_entry)];
      if(disable_user) {
        memcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 32);
        p += 32;
        *p++ = ':';
        memcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 32);
      } else if (set_no_password) {
        memcpy(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 32);
        p += 32;
        *p++ = ':';
        memcpy(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 32);
      } else {
        for( i = 0; i < 16; i++)
          sprintf(&p[i*2], "%02X", new_p16[i]);
        p += 32;
        *p++ = ':';
        for( i = 0; i < 16; i++)
          sprintf(&p[i*2], "%02X", new_nt_p16[i]);
      }
      p += 32;
      *p++ = ':';
      sprintf(p, "%s:%s:%s\n", encode_acct_ctrl(acct_ctrl),
              pwd->pw_dir, pwd->pw_shell);
      if(write(fd, new_entry, strlen(new_entry)) != strlen(new_entry)) {
        fprintf(stderr, "%s: Failed to add entry for user %s to file %s. \
Error was %s\n", prog_name, pwd->pw_name, pfile, strerror(errno));
        /* Remove the entry we just wrote. */
        if(ftruncate(fd, offpos) == -1) {
          fprintf(stderr, "%s: ERROR failed to ftruncate file %s. \
Error was %s. Password file may be corrupt ! Please examine by hand !\n", 
                   prog_name, pwd->pw_name, strerror(errno));
        }
        pw_file_unlock(lockfd);
        fclose(fp);
        exit(1);
      }
      
      pw_file_unlock(lockfd);  
      fclose(fp);  
      exit(0);
    }
  } else {
	  /* the entry already existed */
	  add_user = False;
  }

  /*
   * We are root - just write the new password.
   */

  /* Create the 32 byte representation of the new p16 */
  if(disable_user) {
    memcpy(ascii_p16, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 32);
  } else if (set_no_password) {
    memcpy(ascii_p16, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", 32);
  } else {
    for (i = 0; i < 16; i++) {
      sprintf(&ascii_p16[i * 2], "%02X", (uchar) new_p16[i]);
    }
  }
  if(got_valid_nt_entry) {
    /* Add on the NT md4 hash */
    ascii_p16[32] = ':';
    if(disable_user) {
      memcpy(&ascii_p16[33], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 32);
    } else if (set_no_password) {
      memcpy(&ascii_p16[33], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", 32);
    } else {
      for (i = 0; i < 16; i++) {
        sprintf(&ascii_p16[(i * 2)+33], "%02X", (uchar) new_nt_p16[i]);
      }
    }
  }
  /*
   * Do an atomic write into the file at the position defined by
   * seekpos.
   */
  pwfd = fileno(fp);
  ret = lseek(pwfd, seekpos - 1, SEEK_SET);
  if (ret != seekpos - 1) {
    err = errno;
    fprintf(stderr, "%s: seek fail on file %s.\n",
	    prog_name, pfile);
    errno = err;
    perror(prog_name);
    pw_file_unlock(lockfd);
    fclose(fp);
    exit(1);
  }
  /* Sanity check - ensure the character is a ':' */
  if (read(pwfd, &c, 1) != 1) {
    err = errno;
    fprintf(stderr, "%s: read fail on file %s.\n",
	    prog_name, pfile);
    errno = err;
    perror(prog_name);
    pw_file_unlock(lockfd);
    fclose(fp);
    exit(1);
  }
  if (c != ':') {
    fprintf(stderr, "%s: sanity check on passwd file %s failed.\n",
	    prog_name, pfile);
    pw_file_unlock(lockfd);
    fclose(fp);
    exit(1);
  }
  writelen = (got_valid_nt_entry) ? 65 : 32;
  if (write(pwfd, ascii_p16, writelen) != writelen) {
    err = errno;
    fprintf(stderr, "%s: write fail in file %s.\n",
	    prog_name, pfile);
    errno = err;
    perror(prog_name);
    pw_file_unlock(lockfd);
    fclose(fp);
    exit(err);
  }
  pw_file_unlock(lockfd);
  fclose(fp);
  if(disable_user)
    printf("User %s disabled.\n", user_name);
  else if (set_no_password)
    printf("User %s - set to no password.\n", user_name);
  else
    printf("Password changed for user %s.\n", user_name);
  return 0;
}