/* Eat leading/trailing whitespace before match. */
pstring str;
pstrcpy( str, buffer);
- trim_string( str, " ", " ");
+ trim_char( str, ' ', ' ');
if ((match = (unix_wild_match(expected, str) == 0)))
timeout = 200;
int wstat;
BOOL chstat = False;
- if (pass == NULL)
- {
- DEBUG(0,
- ("chat_with_program: user doesn't exist in the UNIX password database.\n"));
+ if (pass == NULL) {
+ DEBUG(0, ("chat_with_program: user doesn't exist in the UNIX password database.\n"));
return False;
}
/* allocate a pseudo-terminal device */
- if ((master = findpty(&slavedev)) < 0)
- {
- DEBUG(3,
- ("Cannot Allocate pty for password change: %s\n",
- pass->pw_name));
+ if ((master = findpty(&slavedev)) < 0) {
+ DEBUG(3, ("Cannot Allocate pty for password change: %s\n", pass->pw_name));
return (False);
}
CatchChildLeaveStatus();
- if ((pid = sys_fork()) < 0)
- {
- DEBUG(3,
- ("Cannot fork() child for password change: %s\n",
- pass->pw_name));
+ if ((pid = sys_fork()) < 0) {
+ DEBUG(3, ("Cannot fork() child for password change: %s\n", pass->pw_name));
close(master);
CatchChild();
return (False);
}
/* we now have a pty */
- if (pid > 0)
- { /* This is the parent process */
- if ((chstat = talktochild(master, chatsequence)) == False)
- {
- DEBUG(3,
- ("Child failed to change password: %s\n",
- pass->pw_name));
+ if (pid > 0) { /* This is the parent process */
+ if ((chstat = talktochild(master, chatsequence)) == False) {
+ DEBUG(3, ("Child failed to change password: %s\n", pass->pw_name));
kill(pid, SIGKILL); /* be sure to end this process */
}
- while ((wpid = sys_waitpid(pid, &wstat, 0)) < 0)
- {
- if (errno == EINTR)
- {
+ while ((wpid = sys_waitpid(pid, &wstat, 0)) < 0) {
+ if (errno == EINTR) {
errno = 0;
continue;
}
break;
}
- if (wpid < 0)
- {
+ if (wpid < 0) {
DEBUG(3, ("The process is no longer waiting!\n\n"));
close(master);
CatchChild();
close(master);
- if (pid != wpid)
- {
- DEBUG(3,
- ("We were waiting for the wrong process ID\n"));
+ if (pid != wpid) {
+ DEBUG(3, ("We were waiting for the wrong process ID\n"));
return (False);
}
- if (WIFEXITED(wstat) == 0)
- {
- DEBUG(3,
- ("The process exited while we were waiting\n"));
+ if (WIFEXITED(wstat) == 0) {
+ DEBUG(3, ("The process exited while we were waiting\n"));
return (False);
}
- if (WEXITSTATUS(wstat) != 0)
- {
- DEBUG(3,
- ("The status of the process exiting was %d\n",
+ if (WEXITSTATUS(wstat) != 0) {
+ DEBUG(3, ("The status of the process exiting was %d\n",
wstat));
return (False);
}
- }
- else
- {
+ } else {
/* CHILD */
/*
if (as_root)
become_root();
- DEBUG(3,
- ("Dochild for user %s (uid=%d,gid=%d)\n", pass->pw_name,
- (int)getuid(), (int)getgid()));
- chstat =
- dochild(master, slavedev, pass, passwordprogram,
- as_root);
+ DEBUG(3, ("Dochild for user %s (uid=%d,gid=%d) (as_root = %s)\n", pass->pw_name,
+ (int)getuid(), (int)getgid(), BOOLSTR(as_root) ));
+ chstat = dochild(master, slavedev, pass, passwordprogram, as_root);
if (as_root)
unbecome_root();
* The child should never return from dochild() ....
*/
- DEBUG(0,
- ("chat_with_program: Error: dochild() returned %d\n",
- chstat));
+ DEBUG(0, ("chat_with_program: Error: dochild() returned %d\n", chstat));
exit(1);
}
if (chstat)
- DEBUG(3,
- ("Password change %ssuccessful for user %s\n",
+ DEBUG(3, ("Password change %ssuccessful for user %s\n",
(chstat ? "" : "un"), pass->pw_name));
return (chstat);
}
-
BOOL chgpasswd(const char *name, const char *oldpass, const char *newpass, BOOL as_root)
{
pstring passwordprogram;
oldpass = "";
}
- DEBUG(3, ("Password change for user: %s\n", name));
+ DEBUG(3, ("Password change (as_root=%s) for user: %s\n", BOOLSTR(as_root), name));
#if DEBUG_PASSWORD
DEBUG(100, ("Passwords: old=%s new=%s\n", oldpass, newpass));
len = strlen(oldpass);
for (i = 0; i < len; i++) {
if (iscntrl((int)oldpass[i])) {
- DEBUG(0,
- ("chat_with_program: oldpass contains control characters (disallowed).\n"));
+ DEBUG(0, ("chat_with_program: oldpass contains control characters (disallowed).\n"));
return False;
}
}
len = strlen(newpass);
for (i = 0; i < len; i++) {
if (iscntrl((int)newpass[i])) {
- DEBUG(0,
- ("chat_with_program: newpass contains control characters (disallowed).\n"));
+ DEBUG(0, ("chat_with_program: newpass contains control characters (disallowed).\n"));
return False;
}
}
/* A non-PAM password change just doen't make sense without a valid local user */
- if (pass == NULL)
- {
- DEBUG(0,
- ("chgpasswd: user %s doesn't exist in the UNIX password database.\n",
- name));
+ if (pass == NULL) {
+ DEBUG(0, ("chgpasswd: user %s doesn't exist in the UNIX password database.\n", name));
return False;
}
uchar * ntdata, uchar * nthash)
{
fstring new_passwd;
- const char *unix_user;
SAM_ACCOUNT *sampass = NULL;
NTSTATUS nt_status = check_oem_password(user, lmdata, lmhash, ntdata, nthash,
&sampass, new_passwd, sizeof(new_passwd));
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
- /*
- * At this point we have the new case-sensitive plaintext
- * password in the fstring new_passwd. If we wanted to synchronise
- * with UNIX passwords we would call a UNIX password changing
- * function here. However it would have to be done as root
- * as the plaintext of the old users password is not
- * available. JRA.
- */
-
- unix_user = pdb_get_username(sampass);
-
/* We've already checked the old password here.... */
become_root();
- nt_status = change_oem_password(sampass, NULL, new_passwd);
+ nt_status = change_oem_password(sampass, NULL, new_passwd, True);
unbecome_root();
memset(new_passwd, 0, sizeof(new_passwd));
is correct before calling. JRA.
************************************************************/
-NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passwd)
+NTSTATUS change_oem_password(SAM_ACCOUNT *hnd, char *old_passwd, char *new_passwd, BOOL as_root)
{
BOOL ret;
uint32 min_len;
*/
if(lp_unix_password_sync() &&
- !chgpasswd(pdb_get_username(hnd), old_passwd, new_passwd, False)) {
+ !chgpasswd(pdb_get_username(hnd), old_passwd, new_passwd, as_root)) {
return NT_STATUS_ACCESS_DENIED;
}
git.samba.org / obnox / samba / samba-obnox.git / blobdiff