Fix for bug #5082 from Mathias Gug <mathiaz@ubuntu.com>, Steve Langasek <vorlon@debia...

[tprouty/samba.git] / source / smbd / chgpasswd.c

diff --git a/source/smbd/chgpasswd.c b/source/smbd/chgpasswd.c
index 8df824a323e1f311ae5ee4b8816f27c2a52a0110..4ec8452a08823121c7ae2992c3d0b7d1360d5b40 100644 (file)
--- a/source/smbd/chgpasswd.c
+++ b/source/smbd/chgpasswd.c
@@ -126,6 +126,7 @@ static int dochild(int master, const char *slavedev, const struct passwd *pass,
        struct termios stermios;
        gid_t gid;
        uid_t uid;
+       char * const eptrs[1] = { NULL };
 
        if (pass == NULL)
        {
@@ -222,7 +223,7 @@ static int dochild(int master, const char *slavedev, const struct passwd *pass,
               passwordprogram));
 
        /* execl() password-change application */
-       if (execl("/bin/sh", "sh", "-c", passwordprogram, NULL) < 0)
+       if (execle("/bin/sh", "sh", "-c", passwordprogram, NULL, eptrs) < 0)
        {
                DEBUG(3, ("Bad status returned from %s\n", passwordprogram));
                return (False);
@@ -241,7 +242,7 @@ static int expect(int master, char *issue, char *expected)
                        if (lp_passwd_chat_debug())
                                DEBUG(100, ("expect: sending [%s]\n", issue));
 
-                       if ((len = write(master, issue, strlen(issue))) != strlen(issue)) {
+                       if ((len = sys_write(master, issue, strlen(issue))) != strlen(issue)) {
                                DEBUG(2,("expect: (short) write returned %d\n", len ));
                                return False;
                        }
@@ -415,9 +416,10 @@ while we were waiting\n", WTERMSIG(wstat)));
                /* CHILD */
 
                /*
-                * Lose any oplock capabilities.
+                * Lose any elevated privileges.
                 */
-               oplock_set_capability(False, False);
+               drop_effective_capability(KERNEL_OPLOCK_CAPABILITY);
+               drop_effective_capability(DMAPI_ACCESS_CAPABILITY);
 
                /* make sure it doesn't freeze */
                alarm(20);
@@ -497,6 +499,9 @@ BOOL chgpasswd(const char *name, const struct passwd *pass,
 #ifdef WITH_PAM
        if (lp_pam_password_change()) {
                BOOL ret;
+#ifdef HAVE_SETLOCALE
+               char *prevlocale = setlocale(LC_MESSAGES, "C");
+#endif
 
                if (as_root)
                        become_root();
@@ -510,6 +515,10 @@ BOOL chgpasswd(const char *name, const struct passwd *pass,
                if (as_root)
                        unbecome_root();
 
+#ifdef HAVE_SETLOCALE
+               setlocale(LC_MESSAGES, prevlocale);
+#endif
+
                return ret;
        }
 #endif
@@ -575,9 +584,14 @@ BOOL check_lanman_password(char *user, uchar * pass1,
        uchar unenc_new_pw[16];
        uchar unenc_old_pw[16];
        struct samu *sampass = NULL;
-       uint16 acct_ctrl;
+       uint32 acct_ctrl;
        const uint8 *lanman_pw;
        BOOL ret;
+
+       if ( !(sampass = samu_new(NULL)) ) {
+               DEBUG(0, ("samu_new() failed!\n"));
+               return False;
+       }
        
        become_root();
        ret = pdb_getsampwnam(sampass, user);
@@ -641,7 +655,7 @@ BOOL change_lanman_password(struct samu *sampass, uchar *pass2)
        static uchar null_pw[16];
        uchar unenc_new_pw[16];
        BOOL ret;
-       uint16 acct_ctrl;
+       uint32 acct_ctrl;
        const uint8 *pwd;
 
        if (sampass == NULL) {
@@ -683,7 +697,7 @@ BOOL change_lanman_password(struct samu *sampass, uchar *pass2)
                return False;   /* We lose the NT hash. Sorry. */
        }
 
-       if (!pdb_set_pass_changed_now  (sampass)) {
+       if (!pdb_set_pass_last_set_time  (sampass, time(NULL), PDB_CHANGED)) {
                TALLOC_FREE(sampass);
                /* Not quite sure what this one qualifies as, but this will do */
                return False; 
@@ -755,7 +769,7 @@ static NTSTATUS check_oem_password(const char *user,
        uint8 *password_encrypted;
        const uint8 *encryption_key;
        const uint8 *lanman_pw, *nt_pw;
-       uint16 acct_ctrl;
+       uint32 acct_ctrl;
        uint32 new_pw_len;
        uchar new_nt_hash[16];
        uchar new_lm_hash[16];
@@ -1012,41 +1026,34 @@ static BOOL check_passwd_history(struct samu *sampass, const char *plaintext)
 
 NTSTATUS change_oem_password(struct samu *hnd, char *old_passwd, char *new_passwd, BOOL as_root, uint32 *samr_reject_reason)
 {
-       uint32 min_len, min_age;
+       uint32 min_len;
        struct passwd *pass = NULL;
        const char *username = pdb_get_username(hnd);
-       time_t last_change_time = pdb_get_pass_last_set_time(hnd);
        time_t can_change_time = pdb_get_pass_can_change_time(hnd);
 
        if (samr_reject_reason) {
                *samr_reject_reason = Undefined;
        }
 
-       if (pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &min_age)) {
-               /*
-                * Windows calculates the minimum password age check
-                * dynamically, it basically ignores the pwdcanchange
-                * timestamp. Do likewise.
-                */
-               if (last_change_time + min_age > time(NULL)) {
-                       DEBUG(1, ("user %s cannot change password now, must "
-                                 "wait until %s\n", username,
-                                 http_timestring(last_change_time+min_age)));
-                       if (samr_reject_reason) {
-                               *samr_reject_reason = REJECT_REASON_OTHER;
-                       }
-                       return NT_STATUS_ACCOUNT_RESTRICTION;
+       /* check to see if the secdesc has previously been set to disallow */
+       if (!pdb_get_pass_can_change(hnd)) {
+               DEBUG(1, ("user %s does not have permissions to change password\n", username));
+               if (samr_reject_reason) {
+                       *samr_reject_reason = REJECT_REASON_OTHER;
                }
-       } else {
-               if ((can_change_time != 0) && (time(NULL) < can_change_time)) {
-                       DEBUG(1, ("user %s cannot change password now, must "
-                                 "wait until %s\n", username,
-                                 http_timestring(can_change_time)));
-                       if (samr_reject_reason) {
-                               *samr_reject_reason = REJECT_REASON_OTHER;
-                       }
-                       return NT_STATUS_ACCOUNT_RESTRICTION;
+               return NT_STATUS_ACCOUNT_RESTRICTION;
+       }
+
+       /* removed calculation here, becuase passdb now calculates
+          based on policy.  jmcd */
+       if ((can_change_time != 0) && (time(NULL) < can_change_time)) {
+               DEBUG(1, ("user %s cannot change password now, must "
+                         "wait until %s\n", username,
+                         http_timestring(can_change_time)));
+               if (samr_reject_reason) {
+                       *samr_reject_reason = REJECT_REASON_OTHER;
                }
+               return NT_STATUS_ACCOUNT_RESTRICTION;
        }
 
        if (pdb_get_account_policy(AP_MIN_PASSWORD_LEN, &min_len) && (str_charnum(new_passwd) < min_len)) {