2 * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
3 * Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
5 * This program is free software; you can redistribute it and/or modify it under
6 * the terms of the GNU General Public License as published by the Free
7 * Software Foundation; either version 2 of the License, or (at your option)
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 675
17 * Mass Ave, Cambridge, MA 02139, USA.
24 extern int pw_file_lock_depth
;
25 extern int DEBUGLEVEL
;
26 extern pstring samlogon_user
;
27 extern BOOL sam_logon_in_ssb
;
29 static char s_readbuf
[1024];
31 /***************************************************************
32 Start to enumerate the smbpasswd list. Returns a void pointer
33 to ensure no modification outside this module.
34 ****************************************************************/
36 static void *startsmbfilepwent(BOOL update
)
39 char *pfile
= lp_smb_passwd_file();
42 DEBUG(0, ("startsmbfilepwent: No SMB password file set\n"));
45 DEBUG(10, ("startsmbfilepwent: opening file %s\n", pfile
));
47 fp
= fopen(pfile
, update
? "r+b" : "rb");
50 DEBUG(0, ("startsmbfilepwent: unable to open file %s\n", pfile
));
54 /* Set a buffer to do more efficient reads */
55 setvbuf(fp
, s_readbuf
, _IOFBF
, sizeof(s_readbuf
));
57 if (!pw_file_lock(fileno(fp
), (update
? F_WRLCK
: F_RDLCK
), 5, &pw_file_lock_depth
))
59 DEBUG(0, ("startsmbfilepwent: unable to lock file %s\n", pfile
));
64 /* Make sure it is only rw by the owner */
67 /* We have a lock on the file. */
71 /***************************************************************
72 End enumeration of the smbpasswd list.
73 ****************************************************************/
75 static void endsmbfilepwent(void *vp
)
77 FILE *fp
= (FILE *)vp
;
79 pw_file_unlock(fileno(fp
), &pw_file_lock_depth
);
81 DEBUG(7, ("endsmbfilepwent: closed password file.\n"));
84 /*************************************************************************
85 Routine to return the next entry in the smbpasswd list.
86 *************************************************************************/
87 static struct smb_passwd
*getsmbfilepwent(void *vp
)
89 /* Static buffers we will return. */
90 static struct smb_passwd pw_buf
;
91 static pstring user_name
;
92 static unsigned char smbpwd
[16];
93 static unsigned char smbntpwd
[16];
94 FILE *fp
= (FILE *)vp
;
102 DEBUG(0,("getsmbfilepwent: Bad password file pointer.\n"));
106 pdb_init_smb(&pw_buf
);
108 pw_buf
.acct_ctrl
= ACB_NORMAL
;
111 * Scan the file, a line at a time and check if the name matches.
116 fgets(linebuf
, 256, fp
);
122 * Check if the string is terminated with a newline - if not
123 * then we must keep reading and discard until we get one.
125 linebuf_len
= strlen(linebuf
);
126 if (linebuf
[linebuf_len
- 1] != '\n') {
128 while (!ferror(fp
) && !feof(fp
)) {
134 linebuf
[linebuf_len
- 1] = '\0';
136 #ifdef DEBUG_PASSWORD
137 DEBUG(100, ("getsmbfilepwent: got line |%s|\n", linebuf
));
139 if ((linebuf
[0] == 0) && feof(fp
)) {
140 DEBUG(4, ("getsmbfilepwent: end of file reached\n"));
144 * The line we have should be of the form :-
146 * username:uid:32hex bytes:[Account type]:LCT-12345678....other flags presently
151 * username:uid:32hex bytes:32hex bytes:[Account type]:LCT-12345678....ignored....
153 * if Windows NT compatible passwords are also present.
154 * [Account type] is an ascii encoding of the type of account.
155 * LCT-(8 hex digits) is the time_t value of the last change time.
158 if (linebuf
[0] == '#' || linebuf
[0] == '\0') {
159 DEBUG(6, ("getsmbfilepwent: skipping comment or blank line\n"));
162 p
= (unsigned char *) strchr(linebuf
, ':');
164 DEBUG(0, ("getsmbfilepwent: malformed password entry (no :)\n"));
168 * As 256 is shorter than a pstring we don't need to check
169 * length here - if this ever changes....
171 strncpy(user_name
, linebuf
, PTR_DIFF(p
, linebuf
));
172 user_name
[PTR_DIFF(p
, linebuf
)] = '\0';
176 p
++; /* Go past ':' */
178 DEBUG(0, ("getsmbfilepwent: malformed password entry (uid not number)\n"));
182 uidval
= atoi((char *) p
);
184 while (*p
&& isdigit(*p
))
188 DEBUG(0, ("getsmbfilepwent: malformed password entry (no : after uid)\n"));
192 pw_buf
.smb_name
= user_name
;
193 pw_buf
.smb_userid
= uidval
;
196 * Now get the password value - this should be 32 hex digits
197 * which are the ascii representations of a 16 byte string.
198 * Get two at a time and put them into the password.
204 if (*p
== '*' || *p
== 'X') {
205 /* Password deliberately invalid - end here. */
206 DEBUG(10, ("getsmbfilepwent: entry invalidated for user %s\n", user_name
));
207 pw_buf
.smb_nt_passwd
= NULL
;
208 pw_buf
.smb_passwd
= NULL
;
209 pw_buf
.acct_ctrl
|= ACB_DISABLED
;
213 if (linebuf_len
< (PTR_DIFF(p
, linebuf
) + 33)) {
214 DEBUG(0, ("getsmbfilepwent: malformed password entry (passwd too short)\n"));
219 DEBUG(0, ("getsmbfilepwent: malformed password entry (no terminating :)\n"));
223 if (!strncasecmp((char *) p
, "NO PASSWORD", 11)) {
224 pw_buf
.smb_passwd
= NULL
;
225 pw_buf
.acct_ctrl
|= ACB_PWNOTREQ
;
227 if (!pdb_gethexpwd((char *)p
, (char *)smbpwd
)) {
228 DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars)\n"));
231 pw_buf
.smb_passwd
= smbpwd
;
235 * Now check if the NT compatible password is
238 pw_buf
.smb_nt_passwd
= NULL
;
240 p
+= 33; /* Move to the first character of the line after
241 the lanman password. */
242 if ((linebuf_len
>= (PTR_DIFF(p
, linebuf
) + 33)) && (p
[32] == ':')) {
243 if (*p
!= '*' && *p
!= 'X') {
244 if(pdb_gethexpwd((char *)p
,(char *)smbntpwd
))
245 pw_buf
.smb_nt_passwd
= smbntpwd
;
247 p
+= 33; /* Move to the first character of the line after
251 DEBUG(5,("getsmbfilepwent: returning passwd entry for user %s, uid %ld\n",
256 pw_buf
.acct_ctrl
= pdb_decode_acct_ctrl((char*)p
);
258 /* Must have some account type set. */
259 if(pw_buf
.acct_ctrl
== 0)
260 pw_buf
.acct_ctrl
= ACB_NORMAL
;
262 /* Now try and get the last change time. */
267 if(*p
&& (StrnCaseCmp((char *)p
, "LCT-", 4)==0)) {
270 for(i
= 0; i
< 8; i
++) {
271 if(p
[i
] == '\0' || !isxdigit(p
[i
]))
276 * p points at 8 characters of hex digits -
277 * read into a time_t as the seconds since
278 * 1970 that the password was last changed.
280 pw_buf
.pass_last_set_time
= (time_t)strtol((char *)p
, NULL
, 16);
285 /* 'Old' style file. Fake up based on user name. */
287 * Currently trust accounts are kept in the same
288 * password file as 'normal accounts'. If this changes
289 * we will have to fix this code. JRA.
291 if(pw_buf
.smb_name
[strlen(pw_buf
.smb_name
) - 1] == '$') {
292 pw_buf
.acct_ctrl
&= ~ACB_NORMAL
;
293 pw_buf
.acct_ctrl
|= ACB_WSTRUST
;
300 DEBUG(5,("getsmbfilepwent: end of file reached.\n"));
304 /*************************************************************************
305 Routine to return the next entry in the smbpasswd list.
306 this function is a nice, messy combination of reading:
308 - the unix password database
309 - smb.conf options (not done at present).
310 *************************************************************************/
312 static struct sam_passwd
*getsmbfile21pwent(void *vp
)
314 struct smb_passwd
*pw_buf
= getsmbfilepwent(vp
);
315 static struct sam_passwd user
;
316 struct passwd
*pwfile
;
318 static pstring full_name
;
319 static pstring home_dir
;
320 static pstring home_drive
;
321 static pstring logon_script
;
322 static pstring profile_path
;
323 static pstring acct_desc
;
324 static pstring workstations
;
326 if (pw_buf
== NULL
) return NULL
;
328 pwfile
= getpwnam(pw_buf
->smb_name
);
329 if (pwfile
== NULL
) return NULL
;
333 pstrcpy(samlogon_user
, pw_buf
->smb_name
);
335 if (samlogon_user
[strlen(samlogon_user
)-1] != '$')
337 /* XXXX hack to get standard_sub_basic() to use sam logon username */
338 /* possibly a better way would be to do a become_user() call */
339 sam_logon_in_ssb
= True
;
341 user
.smb_userid
= pw_buf
->smb_userid
;
342 user
.smb_grpid
= pwfile
->pw_gid
;
344 user
.user_rid
= pdb_uid_to_user_rid (user
.smb_userid
);
345 user
.group_rid
= pdb_gid_to_group_rid(user
.smb_grpid
);
347 pstrcpy(full_name
, pwfile
->pw_gecos
);
348 pstrcpy(logon_script
, lp_logon_script ());
349 pstrcpy(profile_path
, lp_logon_path ());
350 pstrcpy(home_drive
, lp_logon_drive ());
351 pstrcpy(home_dir
, lp_logon_home ());
352 pstrcpy(acct_desc
, "");
353 pstrcpy(workstations
, "");
355 sam_logon_in_ssb
= False
;
359 user
.smb_userid
= pw_buf
->smb_userid
;
360 user
.smb_grpid
= pwfile
->pw_gid
;
362 user
.user_rid
= pdb_uid_to_user_rid (user
.smb_userid
);
363 user
.group_rid
= DOMAIN_GROUP_RID_USERS
; /* lkclXXXX this is OBSERVED behaviour by NT PDCs, enforced here. */
365 pstrcpy(full_name
, "");
366 pstrcpy(logon_script
, "");
367 pstrcpy(profile_path
, "");
368 pstrcpy(home_drive
, "");
369 pstrcpy(home_dir
, "");
370 pstrcpy(acct_desc
, "");
371 pstrcpy(workstations
, "");
374 user
.smb_name
= pw_buf
->smb_name
;
375 user
.full_name
= full_name
;
376 user
.home_dir
= home_dir
;
377 user
.dir_drive
= home_drive
;
378 user
.logon_script
= logon_script
;
379 user
.profile_path
= profile_path
;
380 user
.acct_desc
= acct_desc
;
381 user
.workstations
= workstations
;
383 user
.unknown_str
= NULL
; /* don't know, yet! */
384 user
.munged_dial
= NULL
; /* "munged" dial-back telephone number */
386 user
.smb_nt_passwd
= pw_buf
->smb_nt_passwd
;
387 user
.smb_passwd
= pw_buf
->smb_passwd
;
389 user
.acct_ctrl
= pw_buf
->acct_ctrl
;
391 user
.unknown_3
= 0xffffff; /* don't know */
392 user
.logon_divs
= 168; /* hours per week */
393 user
.hours_len
= 21; /* 21 times 8 bits = 168 */
394 memset(user
.hours
, 0xff, user
.hours_len
); /* available at all hours */
395 user
.unknown_5
= 0x00020000; /* don't know */
396 user
.unknown_5
= 0x000004ec; /* don't know */
401 /*************************************************************************
402 Return the current position in the smbpasswd list as an SMB_BIG_UINT.
403 This must be treated as an opaque token.
404 *************************************************************************/
406 static SMB_BIG_UINT
getsmbfilepwpos(void *vp
)
408 return (SMB_BIG_UINT
)sys_ftell((FILE *)vp
);
411 /*************************************************************************
412 Set the current position in the smbpasswd list from an SMB_BIG_UINT.
413 This must be treated as an opaque token.
414 *************************************************************************/
416 static BOOL
setsmbfilepwpos(void *vp
, SMB_BIG_UINT tok
)
418 return !sys_fseek((FILE *)vp
, (SMB_OFF_T
)tok
, SEEK_SET
);
421 /************************************************************************
422 Routine to add an entry to the smbpasswd file.
423 *************************************************************************/
425 static BOOL
add_smbfilepwd_entry(struct smb_passwd
*newpwd
)
427 char *pfile
= lp_smb_passwd_file();
428 struct smb_passwd
*pwd
= NULL
;
435 int new_entry_length
;
440 /* Open the smbpassword file - for update. */
441 fp
= startsmbfilepwent(True
);
444 DEBUG(0, ("add_smbfilepwd_entry: unable to open file.\n"));
449 * Scan the file, a line at a time and check if the name matches.
452 while ((pwd
= getsmbfilepwent(fp
)) != NULL
) {
453 if (strequal(newpwd
->smb_name
, pwd
->smb_name
)) {
454 DEBUG(0, ("add_smbfilepwd_entry: entry with name %s already exists\n", pwd
->smb_name
));
460 /* Ok - entry doesn't exist. We can add it */
462 /* Create a new smb passwd entry and set it to the given password. */
464 * The add user write needs to be atomic - so get the fd from
465 * the fp and do a raw write() call.
469 if((offpos
= sys_lseek(fd
, 0, SEEK_END
)) == -1) {
470 DEBUG(0, ("add_smbfilepwd_entry(sys_lseek): Failed to add entry for user %s to file %s. \
471 Error was %s\n", newpwd
->smb_name
, pfile
, strerror(errno
)));
476 new_entry_length
= strlen(newpwd
->smb_name
) + 1 + 15 + 1 + 32 + 1 + 32 + 1 + NEW_PW_FORMAT_SPACE_PADDED_LEN
+ 1 + 13 + 2;
478 if((new_entry
= (char *)malloc( new_entry_length
)) == NULL
) {
479 DEBUG(0, ("add_smbfilepwd_entry(malloc): Failed to add entry for user %s to file %s. \
480 Error was %s\n", newpwd
->smb_name
, pfile
, strerror(errno
)));
485 slprintf(new_entry
, new_entry_length
- 1, "%s:%u:", newpwd
->smb_name
, (unsigned)newpwd
->smb_userid
);
486 p
= &new_entry
[strlen(new_entry
)];
488 if(newpwd
->smb_passwd
!= NULL
) {
489 for( i
= 0; i
< 16; i
++) {
490 slprintf((char *)&p
[i
*2], new_entry_length
- (p
- new_entry
) - 1, "%02X", newpwd
->smb_passwd
[i
]);
494 if(newpwd
->acct_ctrl
& ACB_PWNOTREQ
)
495 safe_strcpy((char *)p
, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", new_entry_length
- 1 - (p
- new_entry
));
497 safe_strcpy((char *)p
, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", new_entry_length
- 1 - (p
- new_entry
));
504 if(newpwd
->smb_nt_passwd
!= NULL
) {
505 for( i
= 0; i
< 16; i
++) {
506 slprintf((char *)&p
[i
*2], new_entry_length
- 1 - (p
- new_entry
), "%02X", newpwd
->smb_nt_passwd
[i
]);
509 if(newpwd
->acct_ctrl
& ACB_PWNOTREQ
)
510 safe_strcpy((char *)p
, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX", new_entry_length
- 1 - (p
- new_entry
));
512 safe_strcpy((char *)p
, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", new_entry_length
- 1 - (p
- new_entry
));
519 /* Add the account encoding and the last change time. */
520 slprintf((char *)p
, new_entry_length
- 1 - (p
- new_entry
), "%s:LCT-%08X:\n",
521 pdb_encode_acct_ctrl(newpwd
->acct_ctrl
, NEW_PW_FORMAT_SPACE_PADDED_LEN
), (uint32
)time(NULL
));
523 #ifdef DEBUG_PASSWORD
524 DEBUG(100, ("add_smbfilepwd_entry(%d): new_entry_len %d entry_len %d made line |%s|",
525 fd
, new_entry_length
, strlen(new_entry
), new_entry
));
528 if ((wr_len
= write(fd
, new_entry
, strlen(new_entry
))) != strlen(new_entry
)) {
529 DEBUG(0, ("add_smbfilepwd_entry(write): %d Failed to add entry for user %s to file %s. \
530 Error was %s\n", wr_len
, newpwd
->smb_name
, pfile
, strerror(errno
)));
532 /* Remove the entry we just wrote. */
533 if(sys_ftruncate(fd
, offpos
) == -1) {
534 DEBUG(0, ("add_smbfilepwd_entry: ERROR failed to ftruncate file %s. \
535 Error was %s. Password file may be corrupt ! Please examine by hand !\n",
536 newpwd
->smb_name
, strerror(errno
)));
549 /************************************************************************
550 Routine to search the smbpasswd file for an entry matching the username.
551 and then modify its password entry. We can't use the startsmbpwent()/
552 getsmbpwent()/endsmbpwent() interfaces here as we depend on looking
553 in the actual file to decide how much room we have to write data.
554 override = False, normal
555 override = True, override XXXXXXXX'd out password or NO PASS
556 ************************************************************************/
558 static BOOL
mod_smbfilepwd_entry(struct smb_passwd
* pwd
, BOOL override
)
560 /* Static buffers we will return. */
561 static pstring user_name
;
568 unsigned char *p
= NULL
;
569 long linebuf_len
= 0;
572 char *pfile
= lp_smb_passwd_file();
573 BOOL found_entry
= False
;
574 BOOL got_pass_last_set_time
= False
;
576 SMB_OFF_T pwd_seekpos
= 0;
583 DEBUG(0, ("No SMB password file set\n"));
586 DEBUG(10, ("mod_smbfilepwd_entry: opening file %s\n", pfile
));
588 fp
= fopen(pfile
, "r+");
591 DEBUG(0, ("mod_smbfilepwd_entry: unable to open file %s\n", pfile
));
594 /* Set a buffer to do more efficient reads */
595 setvbuf(fp
, readbuf
, _IOFBF
, sizeof(readbuf
));
599 if (!pw_file_lock(lockfd
, F_WRLCK
, 5, &pw_file_lock_depth
)) {
600 DEBUG(0, ("mod_smbfilepwd_entry: unable to lock file %s\n", pfile
));
605 /* Make sure it is only rw by the owner */
608 /* We have a write lock on the file. */
610 * Scan the file, a line at a time and check if the name matches.
613 pwd_seekpos
= sys_ftell(fp
);
617 fgets(linebuf
, sizeof(linebuf
), fp
);
619 pw_file_unlock(lockfd
, &pw_file_lock_depth
);
625 * Check if the string is terminated with a newline - if not
626 * then we must keep reading and discard until we get one.
628 linebuf_len
= strlen(linebuf
);
629 if (linebuf
[linebuf_len
- 1] != '\n') {
631 while (!ferror(fp
) && !feof(fp
)) {
638 linebuf
[linebuf_len
- 1] = '\0';
641 #ifdef DEBUG_PASSWORD
642 DEBUG(100, ("mod_smbfilepwd_entry: got line |%s|\n", linebuf
));
645 if ((linebuf
[0] == 0) && feof(fp
)) {
646 DEBUG(4, ("mod_smbfilepwd_entry: end of file reached\n"));
651 * The line we have should be of the form :-
653 * username:uid:[32hex bytes]:....other flags presently
658 * username:uid:[32hex bytes]:[32hex bytes]:[attributes]:LCT-XXXXXXXX:...ignored.
660 * if Windows NT compatible passwords are also present.
663 if (linebuf
[0] == '#' || linebuf
[0] == '\0') {
664 DEBUG(6, ("mod_smbfilepwd_entry: skipping comment or blank line\n"));
668 p
= (unsigned char *) strchr(linebuf
, ':');
671 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no :)\n"));
676 * As 256 is shorter than a pstring we don't need to check
677 * length here - if this ever changes....
679 strncpy(user_name
, linebuf
, PTR_DIFF(p
, linebuf
));
680 user_name
[PTR_DIFF(p
, linebuf
)] = '\0';
681 if (strequal(user_name
, pwd
->smb_name
)) {
687 if (!found_entry
) return False
;
689 DEBUG(6, ("mod_smbfilepwd_entry: entry exists\n"));
691 /* User name matches - get uid and password */
692 p
++; /* Go past ':' */
695 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (uid not number)\n"));
696 pw_file_unlock(lockfd
, &pw_file_lock_depth
);
701 while (*p
&& isdigit(*p
))
704 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no : after uid)\n"));
705 pw_file_unlock(lockfd
, &pw_file_lock_depth
);
711 * Now get the password value - this should be 32 hex digits
712 * which are the ascii representations of a 16 byte string.
713 * Get two at a time and put them into the password.
717 /* Record exact password position */
718 pwd_seekpos
+= PTR_DIFF(p
, linebuf
);
720 if (!override
&& (*p
== '*' || *p
== 'X')) {
721 /* Password deliberately invalid - end here. */
722 DEBUG(10, ("mod_smbfilepwd_entry: entry invalidated for user %s\n", user_name
));
723 pw_file_unlock(lockfd
, &pw_file_lock_depth
);
728 if (linebuf_len
< (PTR_DIFF(p
, linebuf
) + 33)) {
729 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n"));
730 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
736 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n"));
737 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
742 if (!override
&& (*p
== '*' || *p
== 'X')) {
743 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
748 /* Now check if the NT compatible password is
750 p
+= 33; /* Move to the first character of the line after
751 the lanman password. */
752 if (linebuf_len
< (PTR_DIFF(p
, linebuf
) + 33)) {
753 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (passwd too short)\n"));
754 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
760 DEBUG(0, ("mod_smbfilepwd_entry: malformed password entry (no terminating :)\n"));
761 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
767 * Now check if the account info and the password last
768 * change time is available.
770 p
+= 33; /* Move to the first character of the line after
774 * If both NT and lanman passwords are provided - reset password
778 if(pwd
->smb_passwd
!= NULL
|| pwd
->smb_nt_passwd
!= NULL
) {
779 /* Reqiure password in the future (should ACB_DISABLED also be reset?) */
780 pwd
->acct_ctrl
&= ~(ACB_PWNOTREQ
);
786 encode_bits
[i
++] = *p
++;
787 while((linebuf_len
> PTR_DIFF(p
, linebuf
)) && (*p
!= ']'))
788 encode_bits
[i
++] = *p
++;
790 encode_bits
[i
++] = ']';
791 encode_bits
[i
++] = '\0';
793 if(i
== NEW_PW_FORMAT_SPACE_PADDED_LEN
) {
795 * We are using a new format, space padded
796 * acct ctrl field. Encode the given acct ctrl
799 fstrcpy(encode_bits
, pdb_encode_acct_ctrl(pwd
->acct_ctrl
, NEW_PW_FORMAT_SPACE_PADDED_LEN
));
802 * If using the old format and the ACB_DISABLED or
803 * ACB_PWNOTREQ are set then set the lanman and NT passwords to NULL
804 * here as we have no space to encode the change.
806 if(pwd
->acct_ctrl
& (ACB_DISABLED
|ACB_PWNOTREQ
)) {
807 pwd
->smb_passwd
= NULL
;
808 pwd
->smb_nt_passwd
= NULL
;
812 /* Go past the ']' */
813 if(linebuf_len
> PTR_DIFF(p
, linebuf
))
816 if((linebuf_len
> PTR_DIFF(p
, linebuf
)) && (*p
== ':')) {
819 /* We should be pointing at the LCT entry. */
820 if((linebuf_len
> (PTR_DIFF(p
, linebuf
) + 13)) && (StrnCaseCmp((char *)p
, "LCT-", 4) == 0)) {
823 for(i
= 0; i
< 8; i
++) {
824 if(p
[i
] == '\0' || !isxdigit(p
[i
]))
829 * p points at 8 characters of hex digits -
830 * read into a time_t as the seconds since
831 * 1970 that the password was last changed.
833 got_pass_last_set_time
= True
;
835 } /* *p && StrnCaseCmp() */
839 /* Entry is correctly formed. */
841 /* Create the 32 byte representation of the new p16 */
842 if(pwd
->smb_passwd
!= NULL
) {
843 for (i
= 0; i
< 16; i
++) {
844 slprintf(&ascii_p16
[i
*2], sizeof(fstring
) - 1, "%02X", (uchar
) pwd
->smb_passwd
[i
]);
847 if(pwd
->acct_ctrl
& ACB_PWNOTREQ
)
848 fstrcpy(ascii_p16
, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
850 fstrcpy(ascii_p16
, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
853 /* Add on the NT md4 hash */
856 if (pwd
->smb_nt_passwd
!= NULL
) {
857 for (i
= 0; i
< 16; i
++) {
858 slprintf(&ascii_p16
[(i
*2)+33], sizeof(fstring
) - 1, "%02X", (uchar
) pwd
->smb_nt_passwd
[i
]);
861 if(pwd
->acct_ctrl
& ACB_PWNOTREQ
)
862 fstrcpy(&ascii_p16
[33], "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
864 fstrcpy(&ascii_p16
[33], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
868 /* Add on the account info bits and the time of last
871 pwd
->pass_last_set_time
= time(NULL
);
873 if(got_pass_last_set_time
) {
874 slprintf(&ascii_p16
[strlen(ascii_p16
)],
875 sizeof(ascii_p16
)-(strlen(ascii_p16
)+1),
877 encode_bits
, (uint32
)pwd
->pass_last_set_time
);
878 wr_len
= strlen(ascii_p16
);
881 #ifdef DEBUG_PASSWORD
882 DEBUG(100,("mod_smbfilepwd_entry: "));
883 dump_data(100, ascii_p16
, wr_len
);
886 if(wr_len
> sizeof(linebuf
)) {
887 DEBUG(0, ("mod_smbfilepwd_entry: line to write (%d) is too long.\n", wr_len
+1));
888 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
894 * Do an atomic write into the file at the position defined by
898 /* The mod user write needs to be atomic - so get the fd from
899 the fp and do a raw write() call.
904 if (sys_lseek(fd
, pwd_seekpos
- 1, SEEK_SET
) != pwd_seekpos
- 1) {
905 DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile
));
906 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
911 /* Sanity check - ensure the areas we are writing are framed by ':' */
912 if (read(fd
, linebuf
, wr_len
+1) != wr_len
+1) {
913 DEBUG(0, ("mod_smbfilepwd_entry: read fail on file %s.\n", pfile
));
914 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
919 if ((linebuf
[0] != ':') || (linebuf
[wr_len
] != ':')) {
920 DEBUG(0, ("mod_smbfilepwd_entry: check on passwd file %s failed.\n", pfile
));
921 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
926 if (sys_lseek(fd
, pwd_seekpos
, SEEK_SET
) != pwd_seekpos
) {
927 DEBUG(0, ("mod_smbfilepwd_entry: seek fail on file %s.\n", pfile
));
928 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
933 if (write(fd
, ascii_p16
, wr_len
) != wr_len
) {
934 DEBUG(0, ("mod_smbfilepwd_entry: write failed in passwd file %s\n", pfile
));
935 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
940 pw_file_unlock(lockfd
,&pw_file_lock_depth
);
946 * Stub functions - implemented in terms of others.
949 static BOOL
mod_smbfile21pwd_entry(struct sam_passwd
* pwd
, BOOL override
)
951 return mod_smbfilepwd_entry(pdb_sam_to_smb(pwd
), override
);
954 static BOOL
add_smbfile21pwd_entry(struct sam_passwd
*newpwd
)
956 return add_smbfilepwd_entry(pdb_sam_to_smb(newpwd
));
959 static struct sam_disp_info
*getsmbfiledispnam(char *name
)
961 return pdb_sam_to_dispinfo(getsam21pwnam(name
));
964 static struct sam_disp_info
*getsmbfiledisprid(uint32 rid
)
966 return pdb_sam_to_dispinfo(getsam21pwrid(rid
));
969 static struct sam_disp_info
*getsmbfiledispent(void *vp
)
971 return pdb_sam_to_dispinfo(getsam21pwent(vp
));
974 static struct passdb_ops file_ops
= {
979 iterate_getsmbpwnam
, /* In passdb.c */
980 iterate_getsmbpwuid
, /* In passdb.c */
982 add_smbfilepwd_entry
,
983 mod_smbfilepwd_entry
,
985 iterate_getsam21pwnam
,
986 iterate_getsam21pwuid
,
987 iterate_getsam21pwrid
,
988 add_smbfile21pwd_entry
,
989 mod_smbfile21pwd_entry
,
995 struct passdb_ops
*file_initialize_password_db(void)
1001 /* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
1002 void smbpass_dummy_function(void) { } /* stop some compilers complaining */
1003 #endif /* USE_SMBPASS_DB */