2 * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
3 * Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
5 * This program is free software; you can redistribute it and/or modify it under
6 * the terms of the GNU General Public License as published by the Free
7 * Software Foundation; either version 2 of the License, or (at your option)
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 675
17 * Mass Ave, Cambridge, MA 02139, USA.
24 static int pw_file_lock_depth
= 0;
25 extern int DEBUGLEVEL
;
27 static char s_readbuf
[1024];
29 /***************************************************************
30 Start to enumerate the smbpasswd list. Returns a void pointer
31 to ensure no modification outside this module.
32 ****************************************************************/
34 static void *startsmbfilepwent(BOOL update
)
36 return startfilepwent(lp_smb_passwd_file(), s_readbuf
, sizeof(s_readbuf
),
37 &pw_file_lock_depth
, update
);
40 /***************************************************************
41 End enumeration of the smbpasswd list.
42 ****************************************************************/
44 static void endsmbfilepwent(void *vp
)
46 endfilepwent(vp
, &pw_file_lock_depth
);
49 /*************************************************************************
50 Return the current position in the smbpasswd list as an SMB_BIG_UINT.
51 This must be treated as an opaque token.
52 *************************************************************************/
54 static SMB_BIG_UINT
getsmbfilepwpos(void *vp
)
56 return getfilepwpos(vp
);
59 /*************************************************************************
60 Set the current position in the smbpasswd list from an SMB_BIG_UINT.
61 This must be treated as an opaque token.
62 *************************************************************************/
64 static BOOL
setsmbfilepwpos(void *vp
, SMB_BIG_UINT tok
)
66 return setfilepwpos(vp
, tok
);
69 /*************************************************************************
70 Routine to return the next entry in the smbpasswd list.
71 *************************************************************************/
72 static struct smb_passwd
*getsmbfilepwent(void *vp
)
74 /* Static buffers we will return. */
75 static struct smb_passwd pw_buf
;
76 static pstring unix_name
;
77 static unsigned char smbpwd
[16];
78 static unsigned char smbntpwd
[16];
86 DEBUG(0,("getsmbfilepwent: Bad password file pointer.\n"));
90 pwdb_init_smb(&pw_buf
);
92 pw_buf
.acct_ctrl
= ACB_NORMAL
;
95 * Scan the file, a line at a time.
97 while ((linebuf_len
= getfileline(vp
, linebuf
, sizeof(linebuf
))) > 0)
100 * The line we have should be of the form :-
102 * username:uid:32hex bytes:[Account type]:LCT-12345678....other flags presently
107 * username:uid:32hex bytes:32hex bytes:[Account type]:LCT-12345678....ignored....
109 * if Windows NT compatible passwords are also present.
110 * [Account type] is an ascii encoding of the type of account.
111 * LCT-(8 hex digits) is the time_t value of the last change time.
115 * As 256 is shorter than a pstring we don't need to check
116 * length here - if this ever changes....
118 p
= strncpyn(unix_name
, linebuf
, sizeof(unix_name
), ':');
125 p
= Atoic( p
, &uidval
, ":");
127 pw_buf
.unix_name
= unix_name
;
128 pw_buf
.unix_uid
= uidval
;
131 * Now get the password value - this should be 32 hex digits
132 * which are the ascii representations of a 16 byte string.
133 * Get two at a time and put them into the password.
139 if (*p
== '*' || *p
== 'X')
141 /* Password deliberately invalid - end here. */
142 DEBUG(10, ("getsmbfilepwent: entry invalidated for unix user %s\n", unix_name
));
143 pw_buf
.smb_nt_passwd
= NULL
;
144 pw_buf
.smb_passwd
= NULL
;
145 pw_buf
.acct_ctrl
|= ACB_DISABLED
;
149 if (linebuf_len
< (PTR_DIFF(p
, linebuf
) + 33))
151 DEBUG(0, ("getsmbfilepwent: malformed password entry (passwd too short)\n"));
157 DEBUG(0, ("getsmbfilepwent: malformed password entry (no terminating :)\n"));
161 if (!strncasecmp( p
, "NO PASSWORD", 11))
163 pw_buf
.smb_passwd
= NULL
;
164 pw_buf
.acct_ctrl
|= ACB_PWNOTREQ
;
168 if (!pwdb_gethexpwd(p
, (char *)smbpwd
))
170 DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars)\n"));
173 pw_buf
.smb_passwd
= smbpwd
;
177 * Now check if the NT compatible password is
180 pw_buf
.smb_nt_passwd
= NULL
;
182 /* Move to the first character of the line after the lanman password. */
184 if ((linebuf_len
>= (PTR_DIFF(p
, linebuf
) + 33)) && (p
[32] == ':'))
186 if (*p
!= '*' && *p
!= 'X')
188 if(pwdb_gethexpwd(p
,(char *)smbntpwd
))
190 pw_buf
.smb_nt_passwd
= smbntpwd
;
193 /* Move to the first character of the line after the NT password. */
197 DEBUG(5,("getsmbfilepwent: returning passwd entry for unix user %s, unix uid %d\n",
202 pw_buf
.acct_ctrl
= pwdb_decode_acct_ctrl((char*)p
);
204 /* Must have some account type set. */
205 if (pw_buf
.acct_ctrl
== 0)
207 pw_buf
.acct_ctrl
= ACB_NORMAL
;
210 /* Now try and get the last change time. */
211 while (*p
!= ']' && *p
!= ':')
222 pw_buf
.pass_last_set_time
= pwdb_get_last_set_time(p
);
227 /* 'Old' style file. Fake up based on user name. */
229 * Currently trust accounts are kept in the same
230 * password file as 'normal accounts'. If this changes
231 * we will have to fix this code. JRA.
233 if (pw_buf
.unix_name
[strlen(pw_buf
.unix_name
) - 1] == '$')
235 pw_buf
.acct_ctrl
&= ~ACB_NORMAL
;
236 pw_buf
.acct_ctrl
|= ACB_WSTRUST
;
243 DEBUG(5,("getsmbfilepwent: end of file reached.\n"));
247 /************************************************************************
248 Routine to add an entry to the smbpasswd file.
249 *************************************************************************/
251 static BOOL
add_smbfilepwd_entry(struct smb_passwd
*newpwd
)
253 char *pfile
= lp_smb_passwd_file();
254 struct smb_passwd
*pwd
= NULL
;
261 int new_entry_length
;
266 /* Open the smbpassword file - for update. */
267 fp
= startsmbfilepwent(True
);
270 DEBUG(0, ("add_smbfilepwd_entry: unable to open file.\n"));
275 * Scan the file, a line at a time and check if the name matches.
278 while ((pwd
= getsmbfilepwent(fp
)) != NULL
) {
279 if (strequal(newpwd
->unix_name
, pwd
->unix_name
)) {
280 DEBUG(0, ("add_smbfilepwd_entry: entry with unix name %s already exists\n", pwd
->unix_name
));
286 /* Ok - entry doesn't exist. We can add it */
288 /* Create a new smb passwd entry and set it to the given password. */
290 * The add user write needs to be atomic - so get the fd from
291 * the fp and do a raw write() call.
295 if((offpos
= sys_lseek(fd
, 0, SEEK_END
)) == -1) {
296 DEBUG(0, ("add_smbfilepwd_entry(sys_lseek): Failed to add entry for user %s to file %s. \
297 Error was %s\n", newpwd
->unix_name
, pfile
, strerror(errno
)));
302 new_entry_length
= strlen(newpwd
->unix_name
) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + NEW_PW_FORMAT_SPACE_PADDED_LEN
+ 1 + 13 + 2;
304 if((new_entry
= (char *)malloc( new_entry_length
)) == NULL
) {
305 DEBUG(0, ("add_smbfilepwd_entry(malloc): Failed to add entry for user %s to file %s. \
306 Error was %s\n", newpwd
->unix_name
, pfile
, strerror(errno
)));
311 slprintf(new_entry
, new_entry_length
- 1, "%s:%u:", newpwd
->unix_name
, (unsigned)newpwd
->unix_uid
);
312 p
= &new_entry
[strlen(new_entry
)];
314 if(newpwd
->smb_passwd
!= NULL
) {
315 for( i
= 0; i
< 16; i
++) {
316 slprintf((char *)&p
[i
*2], new_entry_length
- (p
- new_entry
) - 1, "%02X", newpwd
->smb_passwd
[i
]);
320 if(newpwd
->acct_ctrl
& ACB_PWNOTREQ
)
321 safe_strcpy((char *)p
, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", new_entry_length
- 1 - (p
- new_entry
));
323 safe_strcpy((char *)p
, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", new_entry_length
- 1 - (p
- new_entry
));
330 if(newpwd
->smb_nt_passwd
!= NULL
) {
331 for( i
= 0; i
< 16; i
++) {
332 slprintf((char *)&p
[i
*2], new_entry_length
- 1 - (p
- new_entry
), "%02X", newpwd
->smb_nt_passwd
[i
]);
335 if(newpwd
->acct_ctrl
& ACB_PWNOTREQ
)
336 safe_strcpy((char *)p
, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", new_entry_length
- 1 - (p
- new_entry
));
338 safe_strcpy((char *)p
, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", new_entry_length
- 1 - (p
- new_entry
));
345 /* Add the account encoding and the last change time. */
346 slprintf((char *)p
, new_entry_length
- 1 - (p
- new_entry
), "%s:LCT-%08X:\n",
347 pwdb_encode_acct_ctrl(newpwd
->acct_ctrl
, NEW_PW_FORMAT_SPACE_PADDED_LEN
), (uint32
)time(NULL
));
349 #ifdef DEBUG_PASSWORD
350 DEBUG(100, ("add_smbfilepwd_entry(%d): new_entry_len %d entry_len %d made line |%s|",
351 fd
, new_entry_length
, strlen(new_entry
), new_entry
));
354 if ((wr_len
= write(fd
, new_entry
, strlen(new_entry
))) != strlen(new_entry
)) {
355 DEBUG(0, ("add_smbfilepwd_entry(write): %d Failed to add entry for user %s to file %s. \
356 Error was %s\n", wr_len
, newpwd
->unix_name
, pfile
, strerror(errno
)));
358 /* Remove the entry we just wrote. */
359 if(sys_ftruncate(fd
, offpos
) == -1) {
360 DEBUG(0, ("add_smbfilepwd_entry: ERROR failed to ftruncate file %s. \
361 Error was %s. Password file may be corrupt ! Please examine by hand !\n",
362 newpwd
->unix_name
, strerror(errno
)));
375 /************************************************************************
376 Routine to search the smbpasswd file for an entry matching the username.
377 and then modify its password entry. We can't use the startsmbpwent()/
378 getsmbpwent()/endsmbpwent() interfaces here as we depend on looking
379 in the actual file to decide how much room we have to write data.
380 override = False, normal
381 override = True, override XXXXXXXX'd out password or NO PASS
382 ************************************************************************/
384 static BOOL
mod_smbfilepwd_entry(struct smb_passwd
* pwd
, BOOL override
)
386 /* Static buffers we will return. */
387 static pstring unix_name
;
394 unsigned char *p
= NULL
;
395 size_t linebuf_len
= 0;
398 char *pfile
= lp_smb_passwd_file();
399 BOOL found_entry
= False
;
400 BOOL got_pass_last_set_time
= False
;
402 SMB_OFF_T pwd_seekpos
= 0;
409 DEBUG(0, ("No SMB password file set\n"));
412 DEBUG(10, ("mod_smbfilepwd_entry: opening file %s\n", pfile
));
414 fp
= sys_fopen(pfile
, "r+");
417 DEBUG(0, ("mod_smbfilepwd_entry: unable to open file %s\n", pfile
));
420 /* Set a buffer to do more efficient reads */
421 setvbuf(fp
, readbuf
, _IOFBF
, sizeof(readbuf
));
425 if (!file_lock(lockfd
, F_WRLCK
, 5, &pw_file_lock_depth
)) {
426 DEBUG(0, ("mod_smbfilepwd_entry: unable to lock file %s\n", pfile
));
431 /* Make sure it is only rw by the owner */
434 /* We have a write lock on the file. */
436 * Scan the file, a line at a time and check if the name matches.
439 pwd_seekpos
= sys_ftell(fp
);
443 fgets(linebuf
, sizeof(linebuf
), fp
);
445 file_unlock(lockfd
, &pw_file_lock_depth
);
451 * Check if the string is terminated with a newline - if not
452 * then we must keep reading and discard until we get one.
454 linebuf_len
= strlen(linebuf
);
455 if (linebuf
[linebuf_len
- 1] != '\n') {
457 while (!ferror(fp
) && !feof(fp
)) {
464 linebuf
[linebuf_len
- 1] = '\0';
467 #ifdef DEBUG_PASSWORD
468 DEBUG(100, ("mod_smbfilepwd_entry: got line |%s|\n", linebuf
));
471 if ((linebuf
[0] == 0) && feof(fp
)) {
472 DEBUG(4, ("mod_smbfilepwd_entry: end of file reached\n"));
477 * The line we have should be of the form :-
479 * username:uid:[32hex bytes]:....other flags presently
484 * username:uid:[32hex bytes]:[32hex bytes]:[attributes]:LCT-XXXXXXXX:...ignored.
486 * if Windows NT compatible passwords are also present.
489 if (linebuf
[0] == '#' || linebuf
[0] == '\0') {
490 DEBUG(6, ("mod_smbfilepwd_entry: skipping comment or blank line\n"));
494 p
= (unsigned char *) strchr(linebuf
, ':');
497 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no :)\n"));
502 * As 256 is shorter than a pstring we don't need to check
503 * length here - if this ever changes....
505 strncpy(unix_name
, linebuf
, PTR_DIFF(p
, linebuf
));
506 unix_name
[PTR_DIFF(p
, linebuf
)] = '\0';
507 if (strequal(unix_name
, pwd
->unix_name
)) {
514 file_unlock(lockfd
, &pw_file_lock_depth
);
519 DEBUG(6, ("mod_smbfilepwd_entry: entry exists\n"));
521 /* User name matches - get uid and password */
522 p
++; /* Go past ':' */
525 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (uid not number)\n"));
526 file_unlock(lockfd
, &pw_file_lock_depth
);
531 while (*p
&& isdigit(*p
))
534 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no : after uid)\n"));
535 file_unlock(lockfd
, &pw_file_lock_depth
);
541 * Now get the password value - this should be 32 hex digits
542 * which are the ascii representations of a 16 byte string.
543 * Get two at a time and put them into the password.
547 /* Record exact password position */
548 pwd_seekpos
+= PTR_DIFF(p
, linebuf
);
550 if (!override
&& (*p
== '*' || *p
== 'X')) {
551 /* Password deliberately invalid - end here. */
552 DEBUG(10, ("mod_smbfilepwd_entry: entry invalidated for unix user %s\n", unix_name
));
553 file_unlock(lockfd
, &pw_file_lock_depth
);
558 if (linebuf_len
< (PTR_DIFF(p
, linebuf
) + 33)) {
559 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n"));
560 file_unlock(lockfd
,&pw_file_lock_depth
);
566 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n"));
567 file_unlock(lockfd
,&pw_file_lock_depth
);
572 if (!override
&& (*p
== '*' || *p
== 'X')) {
573 file_unlock(lockfd
,&pw_file_lock_depth
);
578 /* Now check if the NT compatible password is
580 p
+= 33; /* Move to the first character of the line after
581 the lanman password. */
582 if (linebuf_len
< (PTR_DIFF(p
, linebuf
) + 33)) {
583 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n"));
584 file_unlock(lockfd
,&pw_file_lock_depth
);
590 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n"));
591 file_unlock(lockfd
,&pw_file_lock_depth
);
597 * Now check if the account info and the password last
598 * change time is available.
600 p
+= 33; /* Move to the first character of the line after
604 * If both NT and lanman passwords are provided - reset password
608 if(pwd
->smb_passwd
!= NULL
|| pwd
->smb_nt_passwd
!= NULL
) {
609 /* Reqiure password in the future (should ACB_DISABLED also be reset?) */
610 pwd
->acct_ctrl
&= ~(ACB_PWNOTREQ
);
616 encode_bits
[i
++] = *p
++;
617 while((linebuf_len
> PTR_DIFF(p
, linebuf
)) && (*p
!= ']'))
618 encode_bits
[i
++] = *p
++;
620 encode_bits
[i
++] = ']';
621 encode_bits
[i
++] = '\0';
623 if(i
== NEW_PW_FORMAT_SPACE_PADDED_LEN
) {
625 * We are using a new format, space padded
626 * acct ctrl field. Encode the given acct ctrl
629 fstrcpy(encode_bits
, pwdb_encode_acct_ctrl(pwd
->acct_ctrl
, NEW_PW_FORMAT_SPACE_PADDED_LEN
));
632 * If using the old format and the ACB_DISABLED or
633 * ACB_PWNOTREQ are set then set the lanman and NT passwords to NULL
634 * here as we have no space to encode the change.
636 if(pwd
->acct_ctrl
& (ACB_DISABLED
|ACB_PWNOTREQ
)) {
637 pwd
->smb_passwd
= NULL
;
638 pwd
->smb_nt_passwd
= NULL
;
642 /* Go past the ']' */
643 if(linebuf_len
> PTR_DIFF(p
, linebuf
))
646 if((linebuf_len
> PTR_DIFF(p
, linebuf
)) && (*p
== ':')) {
649 /* We should be pointing at the LCT entry. */
650 if((linebuf_len
> (PTR_DIFF(p
, linebuf
) + 13)) && (StrnCaseCmp((char *)p
, "LCT-", 4) == 0)) {
653 for(i
= 0; i
< 8; i
++) {
654 if(p
[i
] == '\0' || !isxdigit(p
[i
]))
659 * p points at 8 characters of hex digits -
660 * read into a time_t as the seconds since
661 * 1970 that the password was last changed.
663 got_pass_last_set_time
= True
;
665 } /* *p && StrnCaseCmp() */
669 /* Entry is correctly formed. */
671 /* Create the 32 byte representation of the new p16 */
672 if(pwd
->smb_passwd
!= NULL
) {
673 for (i
= 0; i
< 16; i
++) {
674 slprintf(&ascii_p16
[i
*2], sizeof(fstring
) - 1, "%02X", (uchar
) pwd
->smb_passwd
[i
]);
677 if(pwd
->acct_ctrl
& ACB_PWNOTREQ
)
678 fstrcpy(ascii_p16
, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
680 fstrcpy(ascii_p16
, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
683 /* Add on the NT md4 hash */
686 if (pwd
->smb_nt_passwd
!= NULL
) {
687 for (i
= 0; i
< 16; i
++) {
688 slprintf(&ascii_p16
[(i
*2)+33], sizeof(fstring
) - 1, "%02X", (uchar
) pwd
->smb_nt_passwd
[i
]);
691 if(pwd
->acct_ctrl
& ACB_PWNOTREQ
)
692 fstrcpy(&ascii_p16
[33], "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
694 fstrcpy(&ascii_p16
[33], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
697 ascii_p16
[66] = '\0'; /* null-terminate the string so that strlen works */
699 /* Add on the account info bits and the time of last
702 pwd
->pass_last_set_time
= time(NULL
);
704 if(got_pass_last_set_time
) {
705 slprintf(&ascii_p16
[strlen(ascii_p16
)],
706 sizeof(ascii_p16
)-(strlen(ascii_p16
)+1),
708 encode_bits
, (uint32
)pwd
->pass_last_set_time
);
709 wr_len
= strlen(ascii_p16
);
712 #ifdef DEBUG_PASSWORD
713 DEBUG(100,("mod_smbfilepwd_entry: "));
714 dump_data(100, ascii_p16
, wr_len
);
717 if(wr_len
> sizeof(linebuf
)) {
718 DEBUG(0, ("mod_smbfilepwd_entry: line to write (%d) is too long.\n", wr_len
+1));
719 file_unlock(lockfd
,&pw_file_lock_depth
);
725 * Do an atomic write into the file at the position defined by
729 /* The mod user write needs to be atomic - so get the fd from
730 the fp and do a raw write() call.
735 if (sys_lseek(fd
, pwd_seekpos
- 1, SEEK_SET
) != pwd_seekpos
- 1) {
736 DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile
));
737 file_unlock(lockfd
,&pw_file_lock_depth
);
742 /* Sanity check - ensure the areas we are writing are framed by ':' */
743 if (read(fd
, linebuf
, wr_len
+1) != wr_len
+1) {
744 DEBUG(0, ("mod_smbfilepwd_entry: read fail on file %s.\n", pfile
));
745 file_unlock(lockfd
,&pw_file_lock_depth
);
750 if ((linebuf
[0] != ':') || (linebuf
[wr_len
] != ':')) {
751 DEBUG(0, ("mod_smbfilepwd_entry: check on passwd file %s failed.\n", pfile
));
752 file_unlock(lockfd
,&pw_file_lock_depth
);
757 if (sys_lseek(fd
, pwd_seekpos
, SEEK_SET
) != pwd_seekpos
) {
758 DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile
));
759 file_unlock(lockfd
,&pw_file_lock_depth
);
764 if (write(fd
, ascii_p16
, wr_len
) != wr_len
) {
765 DEBUG(0, ("mod_smbfilepwd_entry: write failed in passwd file %s\n", pfile
));
766 file_unlock(lockfd
,&pw_file_lock_depth
);
771 file_unlock(lockfd
,&pw_file_lock_depth
);
776 static struct smb_passdb_ops file_ops
= {
781 iterate_getsmbpwnam
, /* In passdb.c */
782 iterate_getsmbpwuid
, /* In passdb.c */
784 add_smbfilepwd_entry
,
788 struct smb_passdb_ops
*file_initialise_password_db(void)
794 /* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
795 void smbpass_dummy_function(void) { } /* stop some compilers complaining */
796 #endif /* USE_SMBPASS_DB */