2 * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
3 * Copyright (C) Andrew Tridgell 1992-1997 Modified by Jeremy Allison 1995.
5 * This program is free software; you can redistribute it and/or modify it under
6 * the terms of the GNU General Public License as published by the Free
7 * Software Foundation; either version 2 of the License, or (at your option)
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 675
17 * Mass Ave, Cambridge, MA 02139, USA.
22 extern int DEBUGLEVEL
;
33 do_pw_lock(int fd
, int waitsecs
, int type
)
39 signal(SIGALRM
, SIGNAL_CAST gotalarm_sig
);
42 lock
.l_whence
= SEEK_SET
;
48 ret
= fcntl(fd
, F_SETLKW
, &lock
);
50 signal(SIGALRM
, SIGNAL_CAST SIG_DFL
);
53 DEBUG(0, ("do_pw_lock: failed to %s SMB passwd file.\n",
54 type
== F_UNLCK
? "unlock" : "lock"));
60 int pw_file_lock(char *name
, int type
, int secs
)
62 int fd
= open(name
, O_RDWR
| O_CREAT
, 0600);
65 if (do_pw_lock(fd
, secs
, type
)) {
72 int pw_file_unlock(int fd
)
74 do_pw_lock(fd
, 5, F_UNLCK
);
79 * Routine to get the next 32 hex characters and turn them
80 * into a 16 byte array.
83 static int gethexpwd(char *p
, char *pwd
)
86 unsigned char lonybble
, hinybble
;
87 char *hexchars
= "0123456789ABCDEF";
90 for (i
= 0; i
< 32; i
+= 2) {
91 hinybble
= toupper(p
[i
]);
92 lonybble
= toupper(p
[i
+ 1]);
94 p1
= strchr(hexchars
, hinybble
);
95 p2
= strchr(hexchars
, lonybble
);
98 hinybble
= PTR_DIFF(p1
, hexchars
);
99 lonybble
= PTR_DIFF(p2
, hexchars
);
101 pwd
[i
/ 2] = (hinybble
<< 4) | lonybble
;
107 * Routine to search the smbpasswd file for an entry matching the username.
109 struct smb_passwd
*get_smbpwnam(char *name
)
111 /* Static buffers we will return. */
112 static struct smb_passwd pw_buf
;
113 static pstring user_name
;
114 static unsigned char smbpwd
[16];
115 static unsigned char smbntpwd
[16];
117 char readbuf
[16 * 1024];
124 char *pfile
= lp_smb_passwd_file();
127 DEBUG(0, ("No SMB password file set\n"));
130 DEBUG(10, ("get_smbpwnam: opening file %s\n", pfile
));
132 fp
= fopen(pfile
, "r");
135 DEBUG(0, ("get_smbpwnam: unable to open file %s\n", pfile
));
138 /* Set a 16k buffer to do more efficient reads */
139 setvbuf(fp
, readbuf
, _IOFBF
, sizeof(readbuf
));
141 if ((lockfd
= pw_file_lock(pfile
, F_RDLCK
, 5)) < 0) {
142 DEBUG(0, ("get_smbpwnam: unable to lock file %s\n", pfile
));
146 /* make sure it is only rw by the owner */
149 /* We have a read lock on the file. */
151 * Scan the file, a line at a time and check if the name matches.
156 fgets(linebuf
, 256, fp
);
159 pw_file_unlock(lockfd
);
163 * Check if the string is terminated with a newline - if not
164 * then we must keep reading and discard until we get one.
166 linebuf_len
= strlen(linebuf
);
167 if (linebuf
[linebuf_len
- 1] != '\n') {
169 while (!ferror(fp
) && !feof(fp
)) {
175 linebuf
[linebuf_len
- 1] = '\0';
177 #ifdef DEBUG_PASSWORD
178 DEBUG(100, ("get_smbpwnam: got line |%s|\n", linebuf
));
180 if ((linebuf
[0] == 0) && feof(fp
)) {
181 DEBUG(4, ("get_smbpwnam: end of file reached\n"));
185 * The line we have should be of the form :-
187 * username:uid:[32hex bytes]:....other flags presently
192 * username:uid:[32hex bytes]:[32hex bytes]:....ignored....
194 * if Windows NT compatible passwords are also present.
197 if (linebuf
[0] == '#' || linebuf
[0] == '\0') {
198 DEBUG(6, ("get_smbpwnam: skipping comment or blank line\n"));
201 p
= (unsigned char *) strchr(linebuf
, ':');
203 DEBUG(0, ("get_smbpwnam: malformed password entry (no :)\n"));
207 * As 256 is shorter than a pstring we don't need to check
208 * length here - if this ever changes....
210 strncpy(user_name
, linebuf
, PTR_DIFF(p
, linebuf
));
211 user_name
[PTR_DIFF(p
, linebuf
)] = '\0';
212 if (!strequal(user_name
, name
))
215 /* User name matches - get uid and password */
216 p
++; /* Go past ':' */
218 DEBUG(0, ("get_smbpwnam: malformed password entry (uid not number)\n"));
220 pw_file_unlock(lockfd
);
223 uidval
= atoi((char *) p
);
224 while (*p
&& isdigit(*p
))
227 DEBUG(0, ("get_smbpwnam: malformed password entry (no : after uid)\n"));
229 pw_file_unlock(lockfd
);
233 * Now get the password value - this should be 32 hex digits
234 * which are the ascii representations of a 16 byte string.
235 * Get two at a time and put them into the password.
238 if (*p
== '*' || *p
== 'X') {
239 /* Password deliberately invalid - end here. */
240 DEBUG(10, ("get_smbpwnam: entry invalidated for user %s\n", user_name
));
242 pw_file_unlock(lockfd
);
245 if (linebuf_len
< (PTR_DIFF(p
, linebuf
) + 33)) {
246 DEBUG(0, ("get_smbpwnam: malformed password entry (passwd too short)\n"));
248 pw_file_unlock(lockfd
);
252 DEBUG(0, ("get_smbpwnam: malformed password entry (no terminating :)\n"));
254 pw_file_unlock(lockfd
);
257 if (!strncasecmp((char *) p
, "NO PASSWORD", 11)) {
258 pw_buf
.smb_passwd
= NULL
;
260 if(!gethexpwd((char *)p
,(char *)smbpwd
)) {
261 DEBUG(0, ("Malformed Lanman password entry (non hex chars)\n"));
263 pw_file_unlock(lockfd
);
266 pw_buf
.smb_passwd
= smbpwd
;
268 pw_buf
.smb_name
= user_name
;
269 pw_buf
.smb_userid
= uidval
;
270 pw_buf
.smb_nt_passwd
= NULL
;
272 /* Now check if the NT compatible password is
274 p
+= 33; /* Move to the first character of the line after
275 the lanman password. */
276 if ((linebuf_len
>= (PTR_DIFF(p
, linebuf
) + 33)) && (p
[32] == ':')) {
277 if (*p
!= '*' && *p
!= 'X') {
278 if(gethexpwd((char *)p
,(char *)smbntpwd
))
279 pw_buf
.smb_nt_passwd
= smbntpwd
;
284 pw_file_unlock(lockfd
);
285 DEBUG(5, ("get_smbpwname: returning passwd entry for user %s, uid %d\n",
291 pw_file_unlock(lockfd
);