user_info.lm_resp.buffer = (uint8 *)local_lm_response;
user_info.lm_resp.len = 24;
+
+ /* WATCH OUT. This doesn't work if the incoming password is incorrectly cased.
+ We might want to add a check here and only do an LM in that case */
+
/* This encrypts the lm_pwd feild, which actualy contains the password
rather than the nt_pwd field becouse that contains nothing */
SMBNTencrypt((uchar *)lm_pwd, user_info.chal, local_nt_response);
if (ret == False)
{
DEBUG(1,("Couldn't find user '%s' in passdb file.\n", user_info->unix_username.str));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
nt_status = sam_account_ok(sampass, user_info);
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return nt_status;
}
static BOOL update_smbpassword_file(char *user, char *password)
{
SAM_ACCOUNT *sampass = NULL;
- BOOL ret;
+ BOOL ret;
pdb_init_sam(&sampass);
if(ret == False) {
DEBUG(0,("pdb_getsampwnam returned NULL\n"));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
* Remove the account disabled flag - we are updating the
* users password from a login.
*/
- pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED);
+ if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED)) {
+ pdb_free_sam(&sampass);
+ return False;
+ }
+
+ if (!pdb_set_plaintext_passwd (sampass, password)) {
+ pdb_free_sam(&sampass);
+ return False;
+ }
- /* Here, the flag is one, because we want to ignore the
+ /* Now write it into the file. */
+ become_root();
+
+ /* Here, the override flag is True, because we want to ignore the
XXXXXXX'd out password */
- ret = change_oem_password( sampass, password, True);
- if (ret == False) {
- DEBUG(3,("change_oem_password returned False\n"));
+ ret = pdb_update_sam_account (sampass, True);
+
+ unbecome_root();
+
+ if (ret) {
+ DEBUG(3,("pdb_update_sam_account returned %d\n",ret));
}
- pdb_free_sam(sampass);
+ memset(password, '\0', strlen(password));
+
+ pdb_free_sam(&sampass);
return ret;
}
if (ret==False) {
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
if (!(pdb_get_acct_ctrl(sampass) & ACB_DISABLED) && ((pass=pdb_get_nt_passwd(sampass)) != NULL)) {
memcpy(md4pw, pass, 16);
dump_data(5, md4pw, 16);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
/* Ensure the account exists and is a machine account. */
if (ret==False || !(pdb_get_acct_ctrl(sampass) & ACB_WSTRUST)) {
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
cred_hash3( pwd, q_u->pwd, p->dc.sess_key, 0);
/* lies! nt and lm passwords are _not_ the same: don't care */
- pdb_set_lanman_passwd (sampass, pwd);
- pdb_set_nt_passwd (sampass, pwd);
- pdb_set_acct_ctrl (sampass, ACB_WSTRUST);
+ if (!pdb_set_lanman_passwd (sampass, pwd)) {
+ pdb_free_sam(&sampass);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!pdb_set_nt_passwd (sampass, pwd)) {
+ pdb_free_sam(&sampass);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ if (!pdb_set_acct_ctrl (sampass, ACB_WSTRUST)) {
+ pdb_free_sam(&sampass);
+ /* Not quite sure what this one qualifies as, but this will do */
+ return NT_STATUS_NO_MEMORY;
+ }
become_root();
ret = pdb_update_sam_account (sampass,False);
/* set up the LSA Server Password Set response */
init_net_r_srv_pwset(r_u, &srv_cred, status);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return r_u->status;
}
unbecome_root();
if (ret == False) {
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
&global_sam_sid, /* DOM_SID *dom_sid */
NULL); /* char *other_sids */
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return status;
}
if(!pdb_getsampwnam(sampass, pipe_user_name)) {
DEBUG(1,("api_pipe_ntlmssp_verify: Cannot find user %s in smb passwd database.\n",
pipe_user_name));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
unbecome_root();
return False;
}
if(!pdb_get_nt_passwd(sampass)) {
DEBUG(1,("Account for user '%s' has no NT password hash.\n", pipe_user_name));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
p->ntlmssp_auth_validated = True;
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
if (!pdb_setsampwent(False)) {
DEBUG(0, ("get_sampwd_entries: Unable to open passdb.\n"));
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return NT_STATUS_ACCESS_DENIED;
}
}
pdb_endsampwent();
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
if (not_finished)
return STATUS_MORE_ENTRIES;
*total_entries = *num_entries;
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
if (not_finished)
return STATUS_MORE_ENTRIES;
/* check that the RID exists in our domain. */
if (ret == False) {
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
samr_clear_sam_passwd(sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
/* Get the domain SID stored in the domain policy */
if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid))
if (ret==False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return False;
}
init_sam_user_info10(id10, pdb_get_acct_ctrl(smbpass) );
samr_clear_sam_passwd(smbpass);
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return True;
}
if (ret == False) {
DEBUG(4, ("User 0x%x not found\n", user_rid));
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
}
DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) ));
if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) {
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return NT_STATUS_ACCOUNT_DISABLED;
}
ZERO_STRUCTP(id12);
init_sam_user_info12(id12, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass));
- pdb_free_sam(smbpass);
+ pdb_free_sam(&smbpass);
return NT_STATUS_OK;
}
if (ret == False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
ZERO_STRUCTP(id20);
init_sam_user_info20A(id20, sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
if (ret == False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
ZERO_STRUCTP(id21);
init_sam_user_info21A(id21, sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return True;
}
unbecome_root();
if (ret == True) {
/* this account exists: say so */
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_USER_EXISTS;
}
pstrcpy(add_script, lp_adduser_script());
} else {
DEBUG(0, ("_api_samr_create_user: mismatch between trust flags and $ termination\n"));
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_UNSUCCESSFUL;
}
if (!local_password_change(account, local_flags, NULL, err_str,
sizeof(err_str), msg_str, sizeof(msg_str))) {
DEBUG(0, ("%s\n", err_str));
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
unbecome_root();
if (ret == False) {
/* account doesn't exist: say so */
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
/* Get the domain SID stored in the domain policy */
if(!get_lsa_policy_samr_sid(p, &dom_pol, &sid)) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_INVALID_HANDLE;
}
/* append the user's RID to it */
if(!sid_append_rid(&sid, pdb_get_user_rid(sam_pass) )) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_NO_SUCH_USER;
}
/* associate the user's SID with the new handle. */
if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_NO_MEMORY;
}
/* get a (unique) handle. open a policy on it. */
if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) {
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
r_u->user_rid=sam_pass->user_rid;
r_u->unknown_0 = 0x000703ff;
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_OK;
}
ret = pdb_getsampwrid(pwd, rid);
if(ret==False) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
if (id10 == NULL) {
DEBUG(5, ("set_user_info_10: NULL id10\n"));
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_set_acct_ctrl(pwd, id10->acb_info);
+ if (!pdb_set_acct_ctrl(pwd, id10->acb_info)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
if(!pdb_update_sam_account(pwd, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return True;
}
pdb_init_sam(&pwd);
if(!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
if (id12 == NULL) {
DEBUG(2, ("set_user_info_12: id12 is NULL\n"));
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_set_lanman_passwd (pwd, id12->lm_pwd);
- pdb_set_nt_passwd (pwd, id12->nt_pwd);
+ if (!pdb_set_lanman_passwd (pwd, id12->lm_pwd)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
+ if (!pdb_set_nt_passwd (pwd, id12->nt_pwd)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
if(!pdb_update_sam_account(pwd, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return True;
}
pdb_init_sam(&new_pwd);
if (!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
/* write the change out */
if(!pdb_update_sam_account(new_pwd, True)) {
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return True;
}
pdb_init_sam(&new_pwd);
if (!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
acct_ctrl = pdb_get_acct_ctrl(pwd);
copy_sam_passwd(new_pwd, pwd);
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
copy_id23_to_sam_passwd(new_pwd, id23);
if (!decode_pw_buffer((char*)id23->pass, plaintext_buf, 256, &len)) {
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
- pdb_set_plaintext_passwd (new_pwd, plaintext_buf);
+ if (!pdb_set_plaintext_passwd (new_pwd, plaintext_buf)) {
+ pdb_free_sam(&new_pwd);
+ return False;
+ }
/* if it's a trust account, don't update /etc/passwd */
if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
/* update the UNIX password */
if (lp_unix_password_sync() )
if(!chgpasswd(pdb_get_username(new_pwd), "", plaintext_buf, True)) {
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
}
ZERO_STRUCT(plaintext_buf);
if(!pdb_update_sam_account(new_pwd, True)) {
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return False;
}
- pdb_free_sam(new_pwd);
+ pdb_free_sam(&new_pwd);
return True;
}
pdb_init_sam(&pwd);
if (!pdb_getsampwrid(pwd, rid)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
ZERO_STRUCT(plaintext_buf);
if (!decode_pw_buffer(pass, plaintext_buf, 256, &len)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_set_plaintext_passwd (pwd, plaintext_buf);
+ if (!pdb_set_plaintext_passwd (pwd, plaintext_buf)) {
+ pdb_free_sam(&pwd);
+ return False;
+ }
/* if it's a trust account, don't update /etc/passwd */
if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
/* update the UNIX password */
if (lp_unix_password_sync())
if(!chgpasswd(pdb_get_username(pwd), "", plaintext_buf, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
}
/* update the SAMBA password */
if(!pdb_update_sam_account(pwd, True)) {
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return False;
}
- pdb_free_sam(pwd);
+ pdb_free_sam(&pwd);
return True;
}
unbecome_root();
if(ret == False) {
DEBUG(0,("_samr_set_userinfo: Unable to get smbpasswd entry for uid %u\n", (unsigned int)user.uid ));
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
memset(sess_key, '\0', 16);
mdfour(sess_key, pdb_get_nt_passwd(sam_pass), 16);
- pdb_free_sam(sam_pass);
+ pdb_free_sam(&sam_pass);
/* ok! user info levels (lots: see MSDEV help), off we go... */
switch (switch_value) {
if (ret == True) {
fstrcpy(user_name, pdb_get_username(sampwd) );
DEBUG(5,(" = %s\n", user_name));
- pdb_free_sam(sampwd);
+ pdb_free_sam(&sampwd);
return NT_STATUS_OK;
}
DEBUG(5,(" none mapped\n"));
- pdb_free_sam(sampwd);
+ pdb_free_sam(&sampwd);
return NT_STATUS_NONE_MAPPED;
}
if (ret == True) {
(*rid) = pdb_get_user_rid(sampass);
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_OK;
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NONE_MAPPED;
}
user_info.lm_resp.buffer = (uint8 *)local_lm_response;
user_info.lm_resp.len = 24;
+
+ /* WATCH OUT. This doesn't work if the incoming password is incorrectly cased.
+ We might want to add a check here and only do an LM in that case */
+
/* This encrypts the lm_pwd feild, which actualy contains the password
rather than the nt_pwd field becouse that contains nothing */
SMBNTencrypt((uchar *)lm_pwd, user_info.chal, local_nt_response);
if (ret == False)
{
DEBUG(1,("Couldn't find user '%s' in passdb file.\n", user_info->unix_username.str));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
nt_status = sam_account_ok(sampass, user_info);
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return nt_status;
}
static BOOL update_smbpassword_file(char *user, char *password)
{
SAM_ACCOUNT *sampass = NULL;
- BOOL ret;
+ BOOL ret;
pdb_init_sam(&sampass);
if(ret == False) {
DEBUG(0,("pdb_getsampwnam returned NULL\n"));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
* Remove the account disabled flag - we are updating the
* users password from a login.
*/
- pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED);
+ if (!pdb_set_acct_ctrl(sampass, pdb_get_acct_ctrl(sampass) & ~ACB_DISABLED)) {
+ pdb_free_sam(&sampass);
+ return False;
+ }
+
+ if (!pdb_set_plaintext_passwd (sampass, password)) {
+ pdb_free_sam(&sampass);
+ return False;
+ }
- /* Here, the flag is one, because we want to ignore the
+ /* Now write it into the file. */
+ become_root();
+
+ /* Here, the override flag is True, because we want to ignore the
XXXXXXX'd out password */
- ret = change_oem_password( sampass, password, True);
- if (ret == False) {
- DEBUG(3,("change_oem_password returned False\n"));
+ ret = pdb_update_sam_account (sampass, True);
+
+ unbecome_root();
+
+ if (ret) {
+ DEBUG(3,("pdb_update_sam_account returned %d\n",ret));
}
- pdb_free_sam(sampass);
+ memset(password, '\0', strlen(password));
+
+ pdb_free_sam(&sampass);
return ret;
}
BOOL check_lanman_password(char *user, uchar * pass1,
uchar * pass2, SAM_ACCOUNT **hnd)
{
- static uchar null_pw[16];
uchar unenc_new_pw[16];
uchar unenc_old_pw[16];
SAM_ACCOUNT *sampass = NULL;
if (ret == False) {
DEBUG(0,("check_lanman_password: getsampwnam returned NULL\n"));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
if (acct_ctrl & ACB_DISABLED) {
DEBUG(0,("check_lanman_password: account %s disabled.\n", user));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
- if ((lanman_pw == NULL) && (acct_ctrl & ACB_PWNOTREQ)) {
- uchar no_pw[14];
- memset(no_pw, '\0', 14);
- E_P16(no_pw, null_pw);
- pdb_set_lanman_passwd (sampass, null_pw);
- }
- else if (lanman_pw == NULL) {
- DEBUG(0, ("check_lanman_password: no lanman password !\n"));
- pdb_free_sam(sampass);
- return False;
+ if (lanman_pw == NULL) {
+ if (acct_ctrl & ACB_PWNOTREQ) {
+ /* this saves the pointer for the caller */
+ *hnd = sampass;
+ return True;
+ } else {
+ DEBUG(0, ("check_lanman_password: no lanman password !\n"));
+ pdb_free_sam(&sampass);
+ return False;
+ }
}
/* Get the new lanman hash. */
/* Check that the two old passwords match. */
if (memcmp(lanman_pw, unenc_old_pw, 16)) {
DEBUG(0,("check_lanman_password: old password doesn't match.\n"));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return False;
}
/* this saves the pointer for the caller */
*hnd = sampass;
-
return True;
}
return False;
}
- if ((pwd == NULL) && (acct_ctrl & ACB_PWNOTREQ)) {
- uchar no_pw[14];
- memset(no_pw, '\0', 14);
- E_P16(no_pw, null_pw);
- pdb_set_lanman_passwd(sampass, null_pw);
+ if (pwd == NULL) {
+ if (acct_ctrl & ACB_PWNOTREQ) {
+ uchar no_pw[14];
+ memset(no_pw, '\0', 14);
+ E_P16(no_pw, null_pw);
+
+ /* Get the new lanman hash. */
+ D_P16(null_pw, pass2, unenc_new_pw);
+ } else {
+ DEBUG(0,("change_lanman_password: no lanman password !\n"));
+ return False;
+ }
+ } else {
+ /* Get the new lanman hash. */
+ D_P16(pwd, pass2, unenc_new_pw);
}
- else if (pwd == NULL) {
- DEBUG(0,("change_lanman_password: no lanman password !\n"));
+
+ if (!pdb_set_lanman_passwd(sampass, unenc_new_pw)) {
return False;
}
- /* Get the new lanman hash. */
- D_P16(pwd, pass2, unenc_new_pw);
-
- pdb_set_lanman_passwd(sampass, unenc_new_pw);
- pdb_set_nt_passwd (sampass, NULL); /* We lose the NT hash. Sorry. */
+ if (!pdb_set_nt_passwd (sampass, NULL)) {
+ return False; /* We lose the NT hash. Sorry. */
+ }
/* Now flush the sam_passwd struct to persistent storage */
become_root();
* available. JRA.
*/
- if (ret && lp_unix_password_sync())
+ if ((ret) && lp_unix_password_sync())
ret = chgpasswd(user, "", new_passwd, True);
if (ret)
- ret = change_oem_password(sampass, new_passwd, False);
+ ret = change_oem_password(sampass, new_passwd);
memset(new_passwd, 0, sizeof(new_passwd));
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
return ret;
}
/* check for null passwords */
if (lanman_pw == NULL) {
- if (acct_ctrl & ACB_PWNOTREQ)
- pdb_set_lanman_passwd(sampass, null_pw);
- else {
+ if (!(acct_ctrl & ACB_PWNOTREQ)) {
DEBUG(0,("check_oem_password: no lanman password !\n"));
return False;
}
}
-
+
if (pdb_get_nt_passwd(sampass) == NULL && nt_pass_set) {
- if (acct_ctrl & ACB_PWNOTREQ)
- pdb_set_nt_passwd(sampass, null_pw);
- else {
+ if (!(acct_ctrl & ACB_PWNOTREQ)) {
DEBUG(0,("check_oem_password: no ntlm password !\n"));
return False;
}
}
-
+
/*
* Call the hash function to get the new password.
*/
/***********************************************************
Code to change the oem password. Changes both the lanman
and NT hashes.
- override = False, normal
- override = True, override XXXXXXXXXX'd password
************************************************************/
-BOOL change_oem_password(SAM_ACCOUNT *hnd, char *new_passwd,
- BOOL override)
+BOOL change_oem_password(SAM_ACCOUNT *hnd, char *new_passwd)
{
- int ret;
+ BOOL ret;
- pdb_set_plaintext_passwd (hnd, new_passwd);
+ if (!pdb_set_plaintext_passwd (hnd, new_passwd)) {
+ return False;
+ }
/* Now write it into the file. */
become_root();
- ret = pdb_update_sam_account (hnd, override);
+ ret = pdb_update_sam_account (hnd, False);
unbecome_root();
- memset(new_passwd, '\0', strlen(new_passwd));
-
return ret;
}
fstrcpy(saved_pass2, pass2);
if (check_plaintext_password(user,pass1,strlen(pass1),&sampass) &&
- change_oem_password(sampass,pass2,False))
+ change_oem_password(sampass,pass2))
{
SSVAL(*rparam,0,NERR_Success);
if(lp_unix_password_sync() && !chgpasswd(user,pass1,saved_pass2,False))
SSVAL(*rparam,0,NERR_badpass);
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
}
{
SAM_ACCOUNT *hnd = NULL;
- if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd) &&
+ if (check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd) &&
change_lanman_password(hnd,(unsigned char *)pass1,(unsigned char *)pass2))
{
SSVAL(*rparam,0,NERR_Success);
}
- pdb_free_sam(hnd);
+ pdb_free_sam(&hnd);
}
if (ret==False) {
fprintf (stderr, "Username not found!\n");
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return -1;
}
ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle);
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return ret;
}
ret = pdb_setsampwent(False);
if (ret && errno == ENOENT) {
fprintf (stderr,"Password database not found!\n");
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
exit(1);
}
}
pdb_endsampwent ();
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return 0;
}
ret = pdb_getsampwnam (sam_pwent, username);
if (ret==False) {
fprintf (stderr, "Username not found!\n");
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return -1;
}
print_user_info (username, True, False);
else {
fprintf (stderr, "Unable to modify entry!\n");
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return -1;
}
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return 0;
}
if (!(pwd = sys_getpwnam(username))) {
fprintf (stderr, "User %s does not exist in system passwd!\n", username);
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return -1;
}
password2 = getpass("retype new password:");
if (strcmp (password1, password2)) {
fprintf (stderr, "Passwords does not match!\n");
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return -1;
}
print_user_info (username, True, False);
} else {
fprintf (stderr, "Unable to add user! (does it alredy exist?)\n");
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return -1;
}
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return 0;
}
for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) {
pdb_init_sam (&sam_trust);
if (pdb_getsampwuid (sam_trust, uid)) {
- pdb_free_sam (sam_trust);
+ pdb_free_sam (&sam_trust);
} else {
break;
}
if (uid>MAX_MACHINE_UID) {
fprintf (stderr, "No more free UIDs available to Machine accounts!\n");
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return -1;
}
print_user_info (name, True, False);
} else {
fprintf (stderr, "Unable to add machine! (does it already exist?)\n");
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return -1;
}
- pdb_free_sam (sam_pwent);
+ pdb_free_sam (&sam_pwent);
return 0;
}
fgets(linebuf, 256, fp);
if (ferror(fp)) {
fprintf (stderr, "%s\n", strerror (ferror (fp)));
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return -1;
}
if ((linebuf_len = strlen(linebuf)) == 0) {
linebuf[linebuf_len] = '\0';
if ((linebuf[0] == 0) && feof(fp)) {
/*end of file!!*/
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return 0;
}
line++;
pdb_reset_sam (sam_pwent);
}
printf ("%d lines read.\n%d entryes imported\n", line, good);
- pdb_free_sam(sam_pwent);
+ pdb_free_sam(&sam_pwent);
return 0;
}
return False;
}
ret = remote_password_change(remote_machine, user_name,
- old_passwd, new_passwd, err_str, sizeof(err_str));
+ old_passwd, new_passwd, err_str, sizeof(err_str));
if(*err_str)
fprintf(stderr, err_str);
return ret;
usage();
}
- if (!user_name[0] && (pwd = sys_getpwuid(0))) {
+ if (!user_name[0] && (pwd = sys_getpwuid(geteuid()))) {
fstrcpy(user_name, pwd->pw_name);
}
if((sampass != False) && (pdb_get_lanman_passwd(sampass) != NULL)) {
new_passwd = xstrdup("XXXX"); /* Don't care. */
}
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
}
if(!new_passwd)
if((ret != False) && (pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) )
printf(" User has no password flag set.");
printf("\n");
- pdb_free_sam(sampass);
+ pdb_free_sam(&sampass);
}
done: