1996-05-04 11:50:46 +04:00
/*
* Unix SMB / Netbios implementation . Version 1.9 . smbpasswd module . Copyright
1997-05-08 05:14:17 +04:00
* ( C ) Jeremy Allison 1995 - 1997.
1996-05-04 11:50:46 +04:00
*
* This program is free software ; you can redistribute it and / or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation ; either version 2 of the License , or ( at your option )
* any later version .
*
* This program is distributed in the hope that it will be useful , but WITHOUT
* ANY WARRANTY ; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE . See the GNU General Public License for
* more details .
*
* You should have received a copy of the GNU General Public License along with
* this program ; if not , write to the Free Software Foundation , Inc . , 675
* Mass Ave , Cambridge , MA 0213 9 , USA .
*/
# include "includes.h"
/* Static buffers we will return. */
static struct smb_passwd pw_buf ;
static pstring user_name ;
static unsigned char smbpwd [ 16 ] ;
static unsigned char smbntpwd [ 16 ] ;
static int gethexpwd ( char * p , char * pwd )
{
int i ;
unsigned char lonybble , hinybble ;
char * hexchars = " 0123456789ABCDEF " ;
char * p1 , * p2 ;
for ( i = 0 ; i < 32 ; i + = 2 ) {
hinybble = toupper ( p [ i ] ) ;
lonybble = toupper ( p [ i + 1 ] ) ;
p1 = strchr ( hexchars , hinybble ) ;
p2 = strchr ( hexchars , lonybble ) ;
if ( ! p1 | | ! p2 )
return ( False ) ;
hinybble = PTR_DIFF ( p1 , hexchars ) ;
lonybble = PTR_DIFF ( p2 , hexchars ) ;
pwd [ i / 2 ] = ( hinybble < < 4 ) | lonybble ;
}
return ( True ) ;
}
struct smb_passwd *
_my_get_smbpwnam ( FILE * fp , char * name , BOOL * valid_old_pwd ,
BOOL * got_valid_nt_entry , long * pwd_seekpos )
{
char linebuf [ 256 ] ;
unsigned char c ;
unsigned char * p ;
long uidval ;
long linebuf_len ;
/*
* Scan the file , a line at a time and check if the name matches .
*/
while ( ! feof ( fp ) ) {
linebuf [ 0 ] = ' \0 ' ;
* pwd_seekpos = ftell ( fp ) ;
fgets ( linebuf , 256 , fp ) ;
if ( ferror ( fp ) )
return NULL ;
/*
* Check if the string is terminated with a newline - if not
* then we must keep reading and discard until we get one .
*/
linebuf_len = strlen ( linebuf ) ;
if ( linebuf [ linebuf_len - 1 ] ! = ' \n ' ) {
c = ' \0 ' ;
while ( ! ferror ( fp ) & & ! feof ( fp ) ) {
c = fgetc ( fp ) ;
if ( c = = ' \n ' )
break ;
}
} else
linebuf [ linebuf_len - 1 ] = ' \0 ' ;
if ( ( linebuf [ 0 ] = = 0 ) & & feof ( fp ) )
break ;
/*
* The line we have should be of the form : -
*
* username : uid : [ 32 hex bytes ] : . . . . other flags presently
* ignored . . . .
*
* or ,
*
* username : uid : [ 32 hex bytes ] : [ 32 hex bytes ] : . . . . ignored . . . .
*
* if Windows NT compatible passwords are also present .
*/
if ( linebuf [ 0 ] = = ' # ' | | linebuf [ 0 ] = = ' \0 ' )
continue ;
p = ( unsigned char * ) strchr ( linebuf , ' : ' ) ;
if ( p = = NULL )
continue ;
/*
* As 256 is shorter than a pstring we don ' t need to check
* length here - if this ever changes . . . .
*/
strncpy ( user_name , linebuf , PTR_DIFF ( p , linebuf ) ) ;
user_name [ PTR_DIFF ( p , linebuf ) ] = ' \0 ' ;
if ( ! strequal ( user_name , name ) )
continue ;
/* User name matches - get uid and password */
p + + ; /* Go past ':' */
if ( ! isdigit ( * p ) )
return ( False ) ;
uidval = atoi ( ( char * ) p ) ;
while ( * p & & isdigit ( * p ) )
p + + ;
if ( * p ! = ' : ' )
return ( False ) ;
/*
* Now get the password value - this should be 32 hex digits
* which are the ascii representations of a 16 byte string .
* Get two at a time and put them into the password .
*/
p + + ;
* pwd_seekpos + = PTR_DIFF ( p , linebuf ) ; /* Save exact position
* of passwd in file -
* this is used by
* smbpasswd . c */
if ( * p = = ' * ' | | * p = = ' X ' ) {
/* Password deliberately invalid - end here. */
* valid_old_pwd = False ;
* got_valid_nt_entry = False ;
pw_buf . smb_nt_passwd = NULL ; /* No NT password (yet)*/
/* Now check if the NT compatible password is
available . */
p + = 33 ; /* Move to the first character of the line after
the lanman password . */
if ( ( linebuf_len > = ( PTR_DIFF ( p , linebuf ) + 33 ) ) & & ( p [ 32 ] = = ' : ' ) ) {
/* NT Entry was valid - even if 'X' or '*', can be overwritten */
* got_valid_nt_entry = True ;
if ( * p ! = ' * ' & & * p ! = ' X ' ) {
1996-05-29 11:47:47 +04:00
if ( gethexpwd ( ( char * ) p , ( char * ) smbntpwd ) )
pw_buf . smb_nt_passwd = smbntpwd ;
1996-05-04 11:50:46 +04:00
}
}
pw_buf . smb_name = user_name ;
pw_buf . smb_userid = uidval ;
pw_buf . smb_passwd = NULL ; /* No password */
return ( & pw_buf ) ;
}
if ( linebuf_len < ( PTR_DIFF ( p , linebuf ) + 33 ) )
return ( False ) ;
if ( p [ 32 ] ! = ' : ' )
return ( False ) ;
1996-05-29 11:47:47 +04:00
if ( ! strncasecmp ( ( char * ) p , " NO PASSWORD " , 11 ) ) {
pw_buf . smb_passwd = NULL ; /* No password */
1996-05-04 11:50:46 +04:00
} else {
1996-05-29 11:47:47 +04:00
if ( ! gethexpwd ( ( char * ) p , ( char * ) smbpwd ) )
return False ;
pw_buf . smb_passwd = smbpwd ;
1996-05-04 11:50:46 +04:00
}
pw_buf . smb_name = user_name ;
pw_buf . smb_userid = uidval ;
pw_buf . smb_nt_passwd = NULL ;
* got_valid_nt_entry = False ;
* valid_old_pwd = True ;
/* Now check if the NT compatible password is
available . */
p + = 33 ; /* Move to the first character of the line after
the lanman password . */
if ( ( linebuf_len > = ( PTR_DIFF ( p , linebuf ) + 33 ) ) & & ( p [ 32 ] = = ' : ' ) ) {
/* NT Entry was valid - even if 'X' or '*', can be overwritten */
* got_valid_nt_entry = True ;
if ( * p ! = ' * ' & & * p ! = ' X ' ) {
1996-05-29 11:47:47 +04:00
if ( gethexpwd ( ( char * ) p , ( char * ) smbntpwd ) )
pw_buf . smb_nt_passwd = smbntpwd ;
1996-05-04 11:50:46 +04:00
}
}
return & pw_buf ;
}
return NULL ;
}
/*
* Print command usage on stderr and die .
*/
1996-06-04 10:42:03 +04:00
static void usage ( char * name )
1996-05-04 11:50:46 +04:00
{
1997-08-09 17:29:02 +04:00
fprintf ( stderr , " Usage is : %s [-add] [username] [password] \n " , name ) ;
1996-05-04 11:50:46 +04:00
exit ( 1 ) ;
}
1996-06-04 10:42:03 +04:00
int main ( int argc , char * * argv )
1996-05-04 11:50:46 +04:00
{
int real_uid ;
struct passwd * pwd ;
fstring old_passwd ;
uchar old_p16 [ 16 ] ;
uchar old_nt_p16 [ 16 ] ;
fstring new_passwd ;
uchar new_p16 [ 16 ] ;
uchar new_nt_p16 [ 16 ] ;
char * p ;
struct smb_passwd * smb_pwent ;
FILE * fp ;
BOOL valid_old_pwd = False ;
BOOL got_valid_nt_entry = False ;
1997-07-11 00:15:48 +04:00
BOOL add_user = False ;
1997-08-06 18:35:23 +04:00
int add_pass = 0 ;
1996-05-04 11:50:46 +04:00
long seekpos ;
int pwfd ;
char ascii_p16 [ 66 ] ;
char c ;
int ret , i , err , writelen ;
int lockfd = - 1 ;
char * pfile = SMB_PASSWD_FILE ;
char readbuf [ 16 * 1024 ] ;
1996-05-31 19:13:29 +04:00
TimeInit ( ) ;
1996-05-04 11:50:46 +04:00
setup_logging ( argv [ 0 ] , True ) ;
1997-07-19 00:21:32 +04:00
charset_initialise ( ) ;
1996-05-04 11:50:46 +04:00
# ifndef DEBUG_PASSWORD
/* Check the effective uid */
if ( geteuid ( ) ! = 0 ) {
fprintf ( stderr , " %s: Must be setuid root. \n " , argv [ 0 ] ) ;
exit ( 1 ) ;
}
# endif
/* Get the real uid */
real_uid = getuid ( ) ;
/* Deal with usage problems */
1997-08-06 18:35:23 +04:00
if ( real_uid = = 0 )
{
1997-07-11 00:15:48 +04:00
/* As root we can change anothers password and add a user. */
1997-08-06 18:35:23 +04:00
if ( argc > 4 )
1996-05-04 11:50:46 +04:00
usage ( argv [ 0 ] ) ;
1997-08-06 18:35:23 +04:00
}
else if ( argc = = 2 | | argc > 3 )
{
1997-07-11 00:15:48 +04:00
fprintf ( stderr , " %s: Only root can set anothers password. \n " , argv [ 0 ] ) ;
1996-05-04 11:50:46 +04:00
usage ( argv [ 0 ] ) ;
1997-07-11 00:15:48 +04:00
}
1996-05-04 11:50:46 +04:00
1997-08-06 18:35:23 +04:00
if ( real_uid = = 0 & & ( argc > 1 ) )
{
1997-07-11 00:15:48 +04:00
/* We are root - check if we should add the user */
if ( ( argv [ 1 ] [ 0 ] = = ' - ' ) & & ( argv [ 1 ] [ 1 ] = = ' a ' ) )
add_user = True ;
1997-08-06 18:35:23 +04:00
1997-08-19 23:22:26 +04:00
if ( add_user & & ( argc < = 2 | | argc > 4 ) )
1997-07-11 00:15:48 +04:00
usage ( argv [ 0 ] ) ;
1997-08-06 18:35:23 +04:00
/* root can specify password on command-line */
if ( argc = = ( add_user ? 4 : 3 ) )
{
/* -a argument (add_user): new password is 3rd argument. */
/* no -a argument (add_user): new password is 2nd argument */
add_pass = add_user ? 3 : 2 ;
}
/* If we are root we can change another's password. */
1997-07-11 00:15:48 +04:00
strncpy ( user_name , add_user ? argv [ 2 ] : argv [ 1 ] , sizeof ( user_name ) - 1 ) ;
1996-05-04 11:50:46 +04:00
user_name [ sizeof ( user_name ) - 1 ] = ' \0 ' ;
1997-08-06 18:35:23 +04:00
1996-05-04 11:50:46 +04:00
pwd = getpwnam ( user_name ) ;
1997-08-06 18:35:23 +04:00
}
else
{
/* non-root can specify old pass / new pass on command-line */
if ( argc = = 3 )
{
/* non-root specifies new password as 2nd argument */
add_pass = 2 ;
}
1996-05-04 11:50:46 +04:00
pwd = getpwuid ( real_uid ) ;
}
if ( pwd = = 0 ) {
fprintf ( stderr , " %s: Unable to get UNIX password entry for user. \n " , argv [ 0 ] ) ;
exit ( 1 ) ;
}
1997-08-06 18:35:23 +04:00
1996-05-04 11:50:46 +04:00
/* If we are root we don't ask for the old password. */
old_passwd [ 0 ] = ' \0 ' ;
1997-08-06 18:35:23 +04:00
if ( real_uid ! = 0 )
{
if ( add_pass )
{
/* old password, as non-root, is 1st argument */
strncpy ( old_passwd , argv [ 1 ] , sizeof ( fstring ) ) ;
}
else
{
p = getpass ( " Old SMB password: " ) ;
strncpy ( old_passwd , p , sizeof ( fstring ) ) ;
}
1996-05-04 11:50:46 +04:00
old_passwd [ sizeof ( fstring ) - 1 ] = ' \0 ' ;
}
1997-08-06 18:35:23 +04:00
if ( add_pass )
{
/* new password is specified on the command line */
strncpy ( new_passwd , argv [ add_user ? 3 : 2 ] , sizeof ( new_passwd ) - 1 ) ;
new_passwd [ sizeof ( new_passwd ) - 1 ] = ' \0 ' ;
}
else
{
new_passwd [ 0 ] = ' \0 ' ;
p = getpass ( " New SMB password: " ) ;
strncpy ( new_passwd , p , sizeof ( fstring ) ) ;
new_passwd [ sizeof ( fstring ) - 1 ] = ' \0 ' ;
p = getpass ( " Retype new SMB password: " ) ;
1997-08-19 23:22:26 +04:00
if ( strncmp ( p , new_passwd , sizeof ( fstring ) - 1 ) )
1997-08-06 18:35:23 +04:00
{
fprintf ( stderr , " %s: Mismatch - password unchanged. \n " , argv [ 0 ] ) ;
exit ( 1 ) ;
}
1996-05-04 11:50:46 +04:00
}
1997-08-06 18:35:23 +04:00
if ( new_passwd [ 0 ] = = ' \0 ' )
{
1996-05-04 11:50:46 +04:00
printf ( " Password not set \n " ) ;
exit ( 0 ) ;
}
/* Calculate the MD4 hash (NT compatible) of the old and new passwords */
memset ( old_nt_p16 , ' \0 ' , 16 ) ;
E_md4hash ( ( uchar * ) old_passwd , old_nt_p16 ) ;
memset ( new_nt_p16 , ' \0 ' , 16 ) ;
E_md4hash ( ( uchar * ) new_passwd , new_nt_p16 ) ;
/* Mangle the passwords into Lanman format */
old_passwd [ 14 ] = ' \0 ' ;
strupper ( old_passwd ) ;
new_passwd [ 14 ] = ' \0 ' ;
strupper ( new_passwd ) ;
/*
* Calculate the SMB ( lanman ) hash functions of both old and new passwords .
*/
memset ( old_p16 , ' \0 ' , 16 ) ;
E_P16 ( ( uchar * ) old_passwd , old_p16 ) ;
memset ( new_p16 , ' \0 ' , 16 ) ;
E_P16 ( ( uchar * ) new_passwd , new_p16 ) ;
/*
* Open the smbpaswd file XXXX - we need to parse smb . conf to get the
* filename
*/
1997-09-15 10:36:55 +04:00
fp = fopen ( pfile , " r+ " ) ;
if ( ! fp & & errno = = ENOENT ) {
fp = fopen ( pfile , " w " ) ;
if ( fp ) {
fprintf ( fp , " # Samba SMB password file \n " ) ;
fclose ( fp ) ;
fp = fopen ( pfile , " r+ " ) ;
}
}
if ( ! fp ) {
err = errno ;
fprintf ( stderr , " %s: Failed to open password file %s. \n " ,
argv [ 0 ] , pfile ) ;
errno = err ;
perror ( argv [ 0 ] ) ;
exit ( err ) ;
1996-05-04 11:50:46 +04:00
}
1997-09-15 09:43:37 +04:00
1996-05-04 11:50:46 +04:00
/* Set read buffer to 16k for effiecient reads */
setvbuf ( fp , readbuf , _IOFBF , sizeof ( readbuf ) ) ;
1997-10-13 17:49:50 +04:00
/* make sure it is only rw by the owner */
chmod ( pfile , 0600 ) ;
1997-10-13 16:21:56 +04:00
1996-05-04 11:50:46 +04:00
/* Lock the smbpasswd file for write. */
if ( ( lockfd = pw_file_lock ( pfile , F_WRLCK , 5 ) ) < 0 ) {
err = errno ;
fprintf ( stderr , " %s: Failed to lock password file %s. \n " ,
argv [ 0 ] , pfile ) ;
fclose ( fp ) ;
errno = err ;
perror ( argv [ 0 ] ) ;
exit ( err ) ;
}
/* Get the smb passwd entry for this user */
smb_pwent = _my_get_smbpwnam ( fp , pwd - > pw_name , & valid_old_pwd ,
& got_valid_nt_entry , & seekpos ) ;
if ( smb_pwent = = NULL ) {
1997-07-11 00:15:48 +04:00
if ( add_user = = False ) {
fprintf ( stderr , " %s: Failed to find entry for user %s in file %s. \n " ,
argv [ 0 ] , pwd - > pw_name , pfile ) ;
1996-05-04 11:50:46 +04:00
fclose ( fp ) ;
pw_file_unlock ( lockfd ) ;
exit ( 1 ) ;
}
1997-07-11 00:15:48 +04:00
/* Create a new smb passwd entry and set it to the given password. */
{
int fd ;
int new_entry_length ;
char * new_entry ;
long offpos ;
/* The add user write needs to be atomic - so get the fd from
the fp and do a raw write ( ) call .
*/
fd = fileno ( fp ) ;
if ( ( offpos = lseek ( fd , 0 , SEEK_END ) ) = = - 1 ) {
fprintf ( stderr , " %s: Failed to add entry for user %s to file %s. \
1997-09-15 09:43:37 +04:00
Error was % s \ n " , argv[0], pwd->pw_name, pfile, strerror(errno));
1997-07-11 00:15:48 +04:00
fclose ( fp ) ;
pw_file_unlock ( lockfd ) ;
exit ( 1 ) ;
}
new_entry_length = strlen ( pwd - > pw_name ) + 1 + 15 + 1 +
32 + 1 + 32 + 1 + strlen ( pwd - > pw_gecos ) +
1 + strlen ( pwd - > pw_dir ) + 1 +
strlen ( pwd - > pw_shell ) + 1 ;
if ( ( new_entry = ( char * ) malloc ( new_entry_length ) ) = = 0 ) {
fprintf ( stderr , " %s: Failed to add entry for user %s to file %s. \
1997-09-15 09:43:37 +04:00
Error was % s \ n " , argv[0], pwd->pw_name, pfile, strerror(errno));
1997-07-11 00:15:48 +04:00
fclose ( fp ) ;
pw_file_unlock ( lockfd ) ;
exit ( 1 ) ;
}
sprintf ( new_entry , " %s:%u: " , pwd - > pw_name , pwd - > pw_uid ) ;
p = & new_entry [ strlen ( new_entry ) ] ;
for ( i = 0 ; i < 16 ; i + + )
sprintf ( & p [ i * 2 ] , " %02X " , new_p16 [ i ] ) ;
p + = 32 ;
* p + + = ' : ' ;
for ( i = 0 ; i < 16 ; i + + )
1997-07-21 20:58:10 +04:00
sprintf ( & p [ i * 2 ] , " %02X " , new_nt_p16 [ i ] ) ;
1997-07-11 00:15:48 +04:00
p + = 32 ;
* p + + = ' : ' ;
sprintf ( p , " %s:%s:%s \n " , pwd - > pw_gecos ,
pwd - > pw_dir , pwd - > pw_shell ) ;
if ( write ( fd , new_entry , strlen ( new_entry ) ) ! = strlen ( new_entry ) ) {
fprintf ( stderr , " %s: Failed to add entry for user %s to file %s. \
1997-09-15 09:43:37 +04:00
Error was % s \ n " , argv[0], pwd->pw_name, pfile, strerror(errno));
1997-07-11 00:15:48 +04:00
/* Remove the entry we just wrote. */
if ( ftruncate ( fd , offpos ) = = - 1 ) {
fprintf ( stderr , " %s: ERROR failed to ftruncate file %s. \
1997-09-15 09:43:37 +04:00
Error was % s . Password file may be corrupt ! Please examine by hand ! \ n " ,
argv [ 0 ] , pwd - > pw_name , strerror ( errno ) ) ;
1997-07-11 00:15:48 +04:00
}
fclose ( fp ) ;
pw_file_unlock ( lockfd ) ;
exit ( 1 ) ;
}
fclose ( fp ) ;
pw_file_unlock ( lockfd ) ;
exit ( 0 ) ;
}
1997-09-15 10:36:55 +04:00
} else {
/* the entry already existed */
add_user = False ;
1997-07-11 00:15:48 +04:00
}
/* If we are root or the password is 'NO PASSWORD' then
we don ' t need to check the old password . */
if ( real_uid ! = 0 ) {
if ( valid_old_pwd = = False ) {
1997-08-09 17:29:02 +04:00
fprintf ( stderr , " %s: User %s has no old SMB password. \n " , argv [ 0 ] , pwd - > pw_name ) ;
1996-05-04 11:50:46 +04:00
}
1997-07-11 00:15:48 +04:00
/* Check the old Lanman password - NULL means 'NO PASSWORD' */
if ( smb_pwent - > smb_passwd ! = NULL ) {
if ( memcmp ( old_p16 , smb_pwent - > smb_passwd , 16 ) ) {
fprintf ( stderr , " %s: Couldn't change password. \n " , argv [ 0 ] ) ;
fclose ( fp ) ;
pw_file_unlock ( lockfd ) ;
exit ( 1 ) ;
}
}
1996-05-04 11:50:46 +04:00
/* Check the NT password if it exists */
if ( smb_pwent - > smb_nt_passwd ! = NULL ) {
if ( memcmp ( old_nt_p16 , smb_pwent - > smb_nt_passwd , 16 ) ) {
fprintf ( stderr , " %s: Couldn't change password. \n " , argv [ 0 ] ) ;
fclose ( fp ) ;
pw_file_unlock ( lockfd ) ;
exit ( 1 ) ;
}
}
}
/*
* If we get here either we were root or the old password checked out
* ok .
*/
/* Create the 32 byte representation of the new p16 */
for ( i = 0 ; i < 16 ; i + + ) {
sprintf ( & ascii_p16 [ i * 2 ] , " %02X " , ( uchar ) new_p16 [ i ] ) ;
}
if ( got_valid_nt_entry ) {
/* Add on the NT md4 hash */
ascii_p16 [ 32 ] = ' : ' ;
for ( i = 0 ; i < 16 ; i + + ) {
sprintf ( & ascii_p16 [ ( i * 2 ) + 33 ] , " %02X " , ( uchar ) new_nt_p16 [ i ] ) ;
}
}
/*
* Do an atomic write into the file at the position defined by
* seekpos .
*/
pwfd = fileno ( fp ) ;
ret = lseek ( pwfd , seekpos - 1 , SEEK_SET ) ;
if ( ret ! = seekpos - 1 ) {
err = errno ;
fprintf ( stderr , " %s: seek fail on file %s. \n " ,
argv [ 0 ] , pfile ) ;
fclose ( fp ) ;
errno = err ;
perror ( argv [ 0 ] ) ;
pw_file_unlock ( lockfd ) ;
exit ( 1 ) ;
}
/* Sanity check - ensure the character is a ':' */
if ( read ( pwfd , & c , 1 ) ! = 1 ) {
err = errno ;
fprintf ( stderr , " %s: read fail on file %s. \n " ,
argv [ 0 ] , pfile ) ;
fclose ( fp ) ;
errno = err ;
perror ( argv [ 0 ] ) ;
pw_file_unlock ( lockfd ) ;
exit ( 1 ) ;
}
if ( c ! = ' : ' ) {
fprintf ( stderr , " %s: sanity check on passwd file %s failed. \n " ,
argv [ 0 ] , pfile ) ;
fclose ( fp ) ;
pw_file_unlock ( lockfd ) ;
exit ( 1 ) ;
}
writelen = ( got_valid_nt_entry ) ? 65 : 32 ;
if ( write ( pwfd , ascii_p16 , writelen ) ! = writelen ) {
err = errno ;
fprintf ( stderr , " %s: write fail in file %s. \n " ,
argv [ 0 ] , pfile ) ;
fclose ( fp ) ;
errno = err ;
perror ( argv [ 0 ] ) ;
pw_file_unlock ( lockfd ) ;
exit ( err ) ;
}
fclose ( fp ) ;
pw_file_unlock ( lockfd ) ;
printf ( " Password changed \n " ) ;
return 0 ;
}
