sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00
Code
3b7f8ddd9a
samba-mirror/source4/utils/net/net_password.c

172 lines
4.9 KiB
C
Raw Normal View History

r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
/*
Samba Unix/Linux SMB client library
Distributed SMB/CIFS Server Management Utility
Copyright (C) 2004 Stefan Metzmacher (metze@samba.org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
r3478: split out some more pieces of includes.h (This used to be commit 8e9212ecfc61c509f686363d8ec412ce54bc1c8d)
2004-11-02 14:42:35 +03:00
#include "utils/net/net.h"
#include "libnet/libnet.h"
r5298: - got rid of pstring.h from includes.h. This at least makes it a bit less likely that anyone will use pstring for new code - got rid of winbind_client.h from includes.h. This one triggered a huge change, as winbind_client.h was including system/filesys.h and defining the old uint32 and uint16 types, as well as its own pstring and fstring. (This used to be commit 9db6c79e902ec538108d6b7d3324039aabe1704f)
2005-02-10 08:09:35 +03:00
#include "system/filesys.h"
r3454: moved a few more things out if includes.h into the include/system/ include files. this brings us down to about 11k lines of headers included with includes.h, while still retaining the speed of building with pch (This used to be commit 10188869ef072309ca580b8b933e172571fcdda7)
2004-11-02 06:13:06 +03:00
#include "system/passwd.h"
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
/*
* Code for Changing and setting a password
*/
r5425: Convert function tables to new structure (with description) and remove unnecessary help functions as help is generated automatically. Usage functions with precise information about usage of each leaf node remain. rafal (This used to be commit eb66180d14a14cafbfc0df2b39eeaf4ad7bb43a9)
2005-02-17 00:54:01 +03:00
static int net_password_change_usage(struct net_context *ctx, int argc, const char **argv)
{
d_printf("net_password_change_usage: TODO\n");
return 0;
}
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
static int net_password_change(struct net_context *ctx, int argc, const char **argv)
{
NTSTATUS status;
struct libnet_context *libnetctx;
union libnet_ChangePassword r;
char *password_prompt = NULL;
const char *new_password;
if (argc > 0 && argv[0]) {
new_password = argv[0];
} else {
r1915: use popt's cmdline_auth_info to fill the net_context and print the user domain when prompting for a new password metze (This used to be commit aedb2e9e1c418a7ac3cc18299707ae9146e4047a)
2004-08-19 16:36:05 +04:00
password_prompt = talloc_asprintf(ctx->mem_ctx, "Enter new password for account [%s\\%s]:",
r5917: First step in using the new cli_credentials structure. This patch puts support for it into popt_common, adds a few utility functions (in lib/credentials.c) and the callback functions for the command-line (lib/cmdline/credentials.c). Comments are welcome :-) (This used to be commit 1d49b57c50fe8c2683ea23e9df41ce8ad774db98)
2005-03-21 05:08:38 +03:00
cli_credentials_get_domain(ctx->credentials),
r9728: A *major* update to the credentials system, to incorporate the Kerberos CCACHE into the system. This again allows the use of the system ccache when no username is specified, and brings more code in common between gensec_krb5 and gensec_gssapi. It also has a side-effect that may (or may not) be expected: If there is a ccache, even if it is not used (perhaps the remote server didn't want kerberos), it will change the default username. Andrew Bartlett (This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
2005-08-29 08:30:22 +04:00
cli_credentials_get_username(ctx->credentials, ctx->mem_ctx));
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
new_password = getpass(password_prompt);
}
r7633: this patch started as an attempt to make the dcerpc code use a given event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2005-06-16 15:36:09 +04:00
libnetctx = libnet_context_init(NULL);
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
if (!libnetctx) {
return -1;
}
r7249: Cope with struct member rename (This used to be commit e7549f33f5fb06d8b2a8f31745545cc7b9c8d4f9)
2005-06-04 01:30:07 +04:00
libnetctx->cred = ctx->credentials;
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
/* prepare password change */
r.generic.level = LIBNET_CHANGE_PASSWORD_GENERIC;
r9728: A *major* update to the credentials system, to incorporate the Kerberos CCACHE into the system. This again allows the use of the system ccache when no username is specified, and brings more code in common between gensec_krb5 and gensec_gssapi. It also has a side-effect that may (or may not) be expected: If there is a ccache, even if it is not used (perhaps the remote server didn't want kerberos), it will change the default username. Andrew Bartlett (This used to be commit 6202267f6ec1446d6bd11d1d37d05a977bc8d315)
2005-08-29 08:30:22 +04:00
r.generic.in.account_name = cli_credentials_get_username(ctx->credentials, ctx->mem_ctx);
r5917: First step in using the new cli_credentials structure. This patch puts support for it into popt_common, adds a few utility functions (in lib/credentials.c) and the callback functions for the command-line (lib/cmdline/credentials.c). Comments are welcome :-) (This used to be commit 1d49b57c50fe8c2683ea23e9df41ce8ad774db98)
2005-03-21 05:08:38 +03:00
r.generic.in.domain_name = cli_credentials_get_domain(ctx->credentials);
r.generic.in.oldpassword = cli_credentials_get_password(ctx->credentials);
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
r.generic.in.newpassword = new_password;
/* do password change */
status = libnet_ChangePassword(libnetctx, ctx->mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("net_password_change: %s\n",r.generic.out.error_string));
return -1;
}
r7633: this patch started as an attempt to make the dcerpc code use a given event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2005-06-16 15:36:09 +04:00
talloc_free(libnetctx);
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
return 0;
}
r5425: Convert function tables to new structure (with description) and remove unnecessary help functions as help is generated automatically. Usage functions with precise information about usage of each leaf node remain. rafal (This used to be commit eb66180d14a14cafbfc0df2b39eeaf4ad7bb43a9)
2005-02-17 00:54:01 +03:00
static int net_password_set_usage(struct net_context *ctx, int argc, const char **argv)
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
{
r5425: Convert function tables to new structure (with description) and remove unnecessary help functions as help is generated automatically. Usage functions with precise information about usage of each leaf node remain. rafal (This used to be commit eb66180d14a14cafbfc0df2b39eeaf4ad7bb43a9)
2005-02-17 00:54:01 +03:00
d_printf("net_password_set_usage: TODO\n");
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
return 0;
}
r5425: Convert function tables to new structure (with description) and remove unnecessary help functions as help is generated automatically. Usage functions with precise information about usage of each leaf node remain. rafal (This used to be commit eb66180d14a14cafbfc0df2b39eeaf4ad7bb43a9)
2005-02-17 00:54:01 +03:00
r1951: add 'net password set' call use it like: net password set user net password set DOM\\user net password set user pass net password set DOM\\user pass net password set -U DOM\\Administrator%admpass DOM\\user pass metze (This used to be commit b660e5b9e6236c996550973e9bde1e80a8eed775)
2004-08-20 13:55:21 +04:00
static int net_password_set(struct net_context *ctx, int argc, const char **argv)
{
NTSTATUS status;
struct libnet_context *libnetctx;
union libnet_SetPassword r;
char *password_prompt = NULL;
char *p;
char *tmp;
const char *account_name;
const char *domain_name;
const char *new_password = NULL;
switch (argc) {
case 0: /* no args -> fail */
r5425: Convert function tables to new structure (with description) and remove unnecessary help functions as help is generated automatically. Usage functions with precise information about usage of each leaf node remain. rafal (This used to be commit eb66180d14a14cafbfc0df2b39eeaf4ad7bb43a9)
2005-02-17 00:54:01 +03:00
return net_password_set_usage(ctx, argc, argv);
r1951: add 'net password set' call use it like: net password set user net password set DOM\\user net password set user pass net password set DOM\\user pass net password set -U DOM\\Administrator%admpass DOM\\user pass metze (This used to be commit b660e5b9e6236c996550973e9bde1e80a8eed775)
2004-08-20 13:55:21 +04:00
case 1: /* only DOM\\user; prompt for password */
tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
break;
case 2: /* DOM\\USER and password */
tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
new_password = argv[1];
break;
default: /* too mayn args -> fail */
DEBUG(0,("net_password_set: too many args [%d]\n",argc));
r5400: Slightly better handling of help messages in net tool. rafal (This used to be commit 5cebb4feedf7d6542c497fe55763d66f51b1c989)
2005-02-15 04:11:20 +03:00
return net_password_usage(ctx, argc, argv);
r1951: add 'net password set' call use it like: net password set user net password set DOM\\user net password set user pass net password set DOM\\user pass net password set -U DOM\\Administrator%admpass DOM\\user pass metze (This used to be commit b660e5b9e6236c996550973e9bde1e80a8eed775)
2004-08-20 13:55:21 +04:00
}
if ((p = strchr_m(tmp,'\\'))) {
*p = 0;
domain_name = tmp;
account_name = talloc_strdup(ctx->mem_ctx, p+1);
} else {
account_name = tmp;
r5917: First step in using the new cli_credentials structure. This patch puts support for it into popt_common, adds a few utility functions (in lib/credentials.c) and the callback functions for the command-line (lib/cmdline/credentials.c). Comments are welcome :-) (This used to be commit 1d49b57c50fe8c2683ea23e9df41ce8ad774db98)
2005-03-21 05:08:38 +03:00
domain_name = cli_credentials_get_domain(ctx->credentials);
r1951: add 'net password set' call use it like: net password set user net password set DOM\\user net password set user pass net password set DOM\\user pass net password set -U DOM\\Administrator%admpass DOM\\user pass metze (This used to be commit b660e5b9e6236c996550973e9bde1e80a8eed775)
2004-08-20 13:55:21 +04:00
}
if (!new_password) {
password_prompt = talloc_asprintf(ctx->mem_ctx, "Enter new password for account [%s\\%s]:",
domain_name, account_name);
new_password = getpass(password_prompt);
}
r7633: this patch started as an attempt to make the dcerpc code use a given event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2005-06-16 15:36:09 +04:00
libnetctx = libnet_context_init(NULL);
r1951: add 'net password set' call use it like: net password set user net password set DOM\\user net password set user pass net password set DOM\\user pass net password set -U DOM\\Administrator%admpass DOM\\user pass metze (This used to be commit b660e5b9e6236c996550973e9bde1e80a8eed775)
2004-08-20 13:55:21 +04:00
if (!libnetctx) {
return -1;
}
r7249: Cope with struct member rename (This used to be commit e7549f33f5fb06d8b2a8f31745545cc7b9c8d4f9)
2005-06-04 01:30:07 +04:00
libnetctx->cred = ctx->credentials;
r1951: add 'net password set' call use it like: net password set user net password set DOM\\user net password set user pass net password set DOM\\user pass net password set -U DOM\\Administrator%admpass DOM\\user pass metze (This used to be commit b660e5b9e6236c996550973e9bde1e80a8eed775)
2004-08-20 13:55:21 +04:00
/* prepare password change */
r.generic.level = LIBNET_SET_PASSWORD_GENERIC;
r.generic.in.account_name = account_name;
r.generic.in.domain_name = domain_name;
r.generic.in.newpassword = new_password;
/* do password change */
status = libnet_SetPassword(libnetctx, ctx->mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("net_password_set: %s\n",r.generic.out.error_string));
return -1;
}
r7633: this patch started as an attempt to make the dcerpc code use a given event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2005-06-16 15:36:09 +04:00
talloc_free(libnetctx);
r1951: add 'net password set' call use it like: net password set user net password set DOM\\user net password set user pass net password set DOM\\user pass net password set -U DOM\\Administrator%admpass DOM\\user pass metze (This used to be commit b660e5b9e6236c996550973e9bde1e80a8eed775)
2004-08-20 13:55:21 +04:00
return 0;
}
r4341: Fix const warning. (This used to be commit d8b1ba93a8ed0d5d01cb05b1c14353a0eca4de3e)
2004-12-23 07:09:25 +03:00
static const struct net_functable net_password_functable[] = {
r5425: Convert function tables to new structure (with description) and remove unnecessary help functions as help is generated automatically. Usage functions with precise information about usage of each leaf node remain. rafal (This used to be commit eb66180d14a14cafbfc0df2b39eeaf4ad7bb43a9)
2005-02-17 00:54:01 +03:00
{"change", "change password (old password required)\n", net_password_change, net_password_change_usage },
{"set", "set password\n", net_password_set, net_password_set_usage },
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
{NULL, NULL}
};
int net_password(struct net_context *ctx, int argc, const char **argv)
{
return net_run_function(ctx, argc, argv, net_password_functable, net_password_usage);
}
int net_password_usage(struct net_context *ctx, int argc, const char **argv)
{
r5400: Slightly better handling of help messages in net tool. rafal (This used to be commit 5cebb4feedf7d6542c497fe55763d66f51b1c989)
2005-02-15 04:11:20 +03:00
d_printf("net password <command> [options]\n");
r1879: - add a user sub struct in net_context - add 'net password change' command (it doesn'T work yet because libnet_rpc_connect() isn't implemented yet, and we don't fill in the net_context user substruct yet) metze (This used to be commit 939da063cdf18a5ab7e7f0490ac58d1f138cf0f0)
2004-08-18 16:47:08 +04:00
return 0;
}
Copy Permalink