mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
This removes unused paramaters from various authtication functions, and should
not change behaviour. This should make my later diffs smaller, where I actualy start cleaning up this mess... Andrew Bartlett
This commit is contained in:
parent
ebd2f9b07c
commit
04f090c224
@ -682,7 +682,7 @@ match is found and is used to update the encrypted password file
|
|||||||
return True on correct match, False otherwise
|
return True on correct match, False otherwise
|
||||||
****************************************************************************/
|
****************************************************************************/
|
||||||
|
|
||||||
BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd,
|
BOOL pass_check(char *user, char *password, int pwlen,
|
||||||
BOOL (*fn) (char *, char *))
|
BOOL (*fn) (char *, char *))
|
||||||
{
|
{
|
||||||
pstring pass2;
|
pstring pass2;
|
||||||
@ -702,12 +702,7 @@ BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd,
|
|||||||
if (((!*password) || (!pwlen)) && !lp_null_passwords())
|
if (((!*password) || (!pwlen)) && !lp_null_passwords())
|
||||||
return (False);
|
return (False);
|
||||||
|
|
||||||
if (pwd && !user) {
|
pass = Get_Pwnam(user, True);
|
||||||
pass = (struct passwd *)pwd;
|
|
||||||
user = pass->pw_name;
|
|
||||||
} else {
|
|
||||||
pass = Get_Pwnam(user, True);
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef WITH_PAM
|
#ifdef WITH_PAM
|
||||||
|
|
||||||
|
@ -682,7 +682,7 @@ match is found and is used to update the encrypted password file
|
|||||||
return True on correct match, False otherwise
|
return True on correct match, False otherwise
|
||||||
****************************************************************************/
|
****************************************************************************/
|
||||||
|
|
||||||
BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd,
|
BOOL pass_check(char *user, char *password, int pwlen,
|
||||||
BOOL (*fn) (char *, char *))
|
BOOL (*fn) (char *, char *))
|
||||||
{
|
{
|
||||||
pstring pass2;
|
pstring pass2;
|
||||||
@ -702,12 +702,7 @@ BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd,
|
|||||||
if (((!*password) || (!pwlen)) && !lp_null_passwords())
|
if (((!*password) || (!pwlen)) && !lp_null_passwords())
|
||||||
return (False);
|
return (False);
|
||||||
|
|
||||||
if (pwd && !user) {
|
pass = Get_Pwnam(user, True);
|
||||||
pass = (struct passwd *)pwd;
|
|
||||||
user = pass->pw_name;
|
|
||||||
} else {
|
|
||||||
pass = Get_Pwnam(user, True);
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef WITH_PAM
|
#ifdef WITH_PAM
|
||||||
|
|
||||||
|
@ -363,7 +363,7 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm
|
|||||||
become_root();
|
become_root();
|
||||||
|
|
||||||
if(!(p->ntlmssp_auth_validated = pass_check_smb(pipe_user_name, domain,
|
if(!(p->ntlmssp_auth_validated = pass_check_smb(pipe_user_name, domain,
|
||||||
(uchar*)p->challenge, lm_owf, nt_owf, NULL))) {
|
(uchar*)p->challenge, lm_owf, nt_owf))) {
|
||||||
DEBUG(1,("api_pipe_ntlmssp_verify: User %s\\%s from machine %s \
|
DEBUG(1,("api_pipe_ntlmssp_verify: User %s\\%s from machine %s \
|
||||||
failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name ));
|
failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name ));
|
||||||
unbecome_root();
|
unbecome_root();
|
||||||
|
@ -1797,7 +1797,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
|
|||||||
|
|
||||||
if(SVAL(*rparam,0) != NERR_Success)
|
if(SVAL(*rparam,0) != NERR_Success)
|
||||||
{
|
{
|
||||||
if (password_ok(user, pass1,strlen(pass1),NULL) &&
|
if (password_ok(user, pass1,strlen(pass1)) &&
|
||||||
chgpasswd(user,pass1,pass2,False))
|
chgpasswd(user,pass1,pass2,False))
|
||||||
{
|
{
|
||||||
SSVAL(*rparam,0,NERR_Success);
|
SSVAL(*rparam,0,NERR_Success);
|
||||||
|
@ -520,7 +520,7 @@ return True if the password is correct, False otherwise
|
|||||||
****************************************************************************/
|
****************************************************************************/
|
||||||
|
|
||||||
BOOL pass_check_smb(char *user, char *domain, uchar *chal,
|
BOOL pass_check_smb(char *user, char *domain, uchar *chal,
|
||||||
uchar *lm_pwd, uchar *nt_pwd, struct passwd *pwd)
|
uchar *lm_pwd, uchar *nt_pwd)
|
||||||
{
|
{
|
||||||
struct passwd *pass;
|
struct passwd *pass;
|
||||||
SAM_ACCOUNT *sampass=NULL;
|
SAM_ACCOUNT *sampass=NULL;
|
||||||
@ -533,17 +533,10 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal,
|
|||||||
|
|
||||||
/* FIXME! this code looks to be unnecessary now that the passdb
|
/* FIXME! this code looks to be unnecessary now that the passdb
|
||||||
validates that the username exists and has a valid uid */
|
validates that the username exists and has a valid uid */
|
||||||
if (pwd != NULL && user == NULL)
|
|
||||||
{
|
/* I don't get this call here. I think it should be moved.
|
||||||
pass = (struct passwd *) pwd;
|
Need to check on it. --jerry */
|
||||||
user = pass->pw_name;
|
pass = smb_getpwnam(user,True);
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
/* I don't get this call here. I think it should be moved.
|
|
||||||
Need to check on it. --jerry */
|
|
||||||
pass = smb_getpwnam(user,True);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (pass == NULL)
|
if (pass == NULL)
|
||||||
{
|
{
|
||||||
@ -612,7 +605,7 @@ check if a username/password pair is OK either via the system password
|
|||||||
database or the encrypted SMB password database
|
database or the encrypted SMB password database
|
||||||
return True if the password is correct, False otherwise
|
return True if the password is correct, False otherwise
|
||||||
****************************************************************************/
|
****************************************************************************/
|
||||||
BOOL password_ok(char *user, char *password, int pwlen, struct passwd *pwd)
|
BOOL password_ok(char *user, char *password, int pwlen)
|
||||||
{
|
{
|
||||||
BOOL ret;
|
BOOL ret;
|
||||||
|
|
||||||
@ -631,7 +624,7 @@ BOOL password_ok(char *user, char *password, int pwlen, struct passwd *pwd)
|
|||||||
}
|
}
|
||||||
|
|
||||||
ret = pass_check_smb(user, global_myworkgroup,
|
ret = pass_check_smb(user, global_myworkgroup,
|
||||||
challenge, (uchar *)password, (uchar *)password, pwd);
|
challenge, (uchar *)password, (uchar *)password);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Try with PAM (may not be compiled in - returns True if not. JRA).
|
* Try with PAM (may not be compiled in - returns True if not. JRA).
|
||||||
@ -643,7 +636,7 @@ BOOL password_ok(char *user, char *password, int pwlen, struct passwd *pwd)
|
|||||||
return (smb_pam_accountcheck(user) == NT_STATUS_NOPROBLEMO);
|
return (smb_pam_accountcheck(user) == NT_STATUS_NOPROBLEMO);
|
||||||
}
|
}
|
||||||
|
|
||||||
return pass_check(user, password, pwlen, pwd,
|
return pass_check(user, password, pwlen,
|
||||||
lp_update_encrypted() ?
|
lp_update_encrypted() ?
|
||||||
update_smbpassword_file : NULL);
|
update_smbpassword_file : NULL);
|
||||||
}
|
}
|
||||||
@ -692,7 +685,7 @@ static char *validate_group(char *group,char *password,int pwlen,int snum)
|
|||||||
while (getnetgrent(&host, &user, &domain)) {
|
while (getnetgrent(&host, &user, &domain)) {
|
||||||
if (user) {
|
if (user) {
|
||||||
if (user_ok(user, snum) &&
|
if (user_ok(user, snum) &&
|
||||||
password_ok(user,password,pwlen,NULL)) {
|
password_ok(user,password,pwlen)) {
|
||||||
endnetgrent();
|
endnetgrent();
|
||||||
return(user);
|
return(user);
|
||||||
}
|
}
|
||||||
@ -747,7 +740,7 @@ static char *validate_group(char *group,char *password,int pwlen,int snum)
|
|||||||
static fstring name;
|
static fstring name;
|
||||||
fstrcpy(name,member);
|
fstrcpy(name,member);
|
||||||
if (user_ok(name,snum) &&
|
if (user_ok(name,snum) &&
|
||||||
password_ok(name,password,pwlen,NULL)) {
|
password_ok(name,password,pwlen)) {
|
||||||
endgrent();
|
endgrent();
|
||||||
return(&name[0]);
|
return(&name[0]);
|
||||||
}
|
}
|
||||||
@ -822,7 +815,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen,
|
|||||||
if (!(GUEST_ONLY(snum) && GUEST_OK(snum))) {
|
if (!(GUEST_ONLY(snum) && GUEST_OK(snum))) {
|
||||||
/* check the given username and password */
|
/* check the given username and password */
|
||||||
if (!ok && (*user) && user_ok(user,snum)) {
|
if (!ok && (*user) && user_ok(user,snum)) {
|
||||||
ok = password_ok(user,password, pwlen, NULL);
|
ok = password_ok(user,password, pwlen);
|
||||||
if (ok)
|
if (ok)
|
||||||
DEBUG(3,("authorise_login: ACCEPTED: given username (%s) password ok\n",
|
DEBUG(3,("authorise_login: ACCEPTED: given username (%s) password ok\n",
|
||||||
user ));
|
user ));
|
||||||
@ -831,7 +824,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen,
|
|||||||
/* check for a previously registered guest username */
|
/* check for a previously registered guest username */
|
||||||
if (!ok && (vuser != 0) && vuser->guest) {
|
if (!ok && (vuser != 0) && vuser->guest) {
|
||||||
if (user_ok(vuser->user.unix_name,snum) &&
|
if (user_ok(vuser->user.unix_name,snum) &&
|
||||||
password_ok(vuser->user.unix_name, password, pwlen, NULL)) {
|
password_ok(vuser->user.unix_name, password, pwlen)) {
|
||||||
fstrcpy(user, vuser->user.unix_name);
|
fstrcpy(user, vuser->user.unix_name);
|
||||||
vuser->guest = False;
|
vuser->guest = False;
|
||||||
DEBUG(3,("authorise_login: ACCEPTED: given password with registered user %s\n", user));
|
DEBUG(3,("authorise_login: ACCEPTED: given password with registered user %s\n", user));
|
||||||
@ -853,7 +846,7 @@ BOOL authorise_login(int snum,char *user,char *password, int pwlen,
|
|||||||
if (!user_ok(user2,snum))
|
if (!user_ok(user2,snum))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (password_ok(user2,password, pwlen, NULL)) {
|
if (password_ok(user2,password, pwlen)) {
|
||||||
ok = True;
|
ok = True;
|
||||||
fstrcpy(user,user2);
|
fstrcpy(user,user2);
|
||||||
DEBUG(3,("authorise_login: ACCEPTED: session list username (%s) \
|
DEBUG(3,("authorise_login: ACCEPTED: session list username (%s) \
|
||||||
@ -902,7 +895,7 @@ and given password ok (%s)\n", user));
|
|||||||
} else {
|
} else {
|
||||||
fstring user2;
|
fstring user2;
|
||||||
fstrcpy(user2,auser);
|
fstrcpy(user2,auser);
|
||||||
if (user_ok(user2,snum) && password_ok(user2,password,pwlen,NULL)) {
|
if (user_ok(user2,snum) && password_ok(user2,password,pwlen)) {
|
||||||
ok = True;
|
ok = True;
|
||||||
fstrcpy(user,user2);
|
fstrcpy(user,user2);
|
||||||
DEBUG(3,("authorise_login: ACCEPTED: user list username \
|
DEBUG(3,("authorise_login: ACCEPTED: user list username \
|
||||||
|
@ -945,7 +945,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int
|
|||||||
|
|
||||||
if(smb_ntpasslen)
|
if(smb_ntpasslen)
|
||||||
{
|
{
|
||||||
if(!password_ok(user, smb_ntpasswd,smb_ntpasslen,NULL))
|
if(!password_ok(user, smb_ntpasswd,smb_ntpasslen))
|
||||||
DEBUG(2,("NT Password did not match for user '%s'!\n", user));
|
DEBUG(2,("NT Password did not match for user '%s'!\n", user));
|
||||||
else
|
else
|
||||||
valid_nt_password = True;
|
valid_nt_password = True;
|
||||||
@ -957,7 +957,7 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,int
|
|||||||
if (!valid_nt_password && lp_lanman_auth())
|
if (!valid_nt_password && lp_lanman_auth())
|
||||||
{
|
{
|
||||||
DEBUG(2,("Defaulting to Lanman password for %s\n", user));
|
DEBUG(2,("Defaulting to Lanman password for %s\n", user));
|
||||||
valid_lm_password = password_ok(user, smb_apasswd,smb_apasslen,NULL);
|
valid_lm_password = password_ok(user, smb_apasswd,smb_apasslen);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -407,7 +407,7 @@ static BOOL cgi_handle_authorization(char *line)
|
|||||||
|
|
||||||
tested_pass = True;
|
tested_pass = True;
|
||||||
|
|
||||||
if(pass_check(user, user_pass, strlen(user_pass), NULL, NULL) == True) {
|
if(pass_check(user, user_pass, strlen(user_pass), NULL) == True) {
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Password was ok.
|
* Password was ok.
|
||||||
@ -434,7 +434,7 @@ static BOOL cgi_handle_authorization(char *line)
|
|||||||
|
|
||||||
if (!tested_pass)
|
if (!tested_pass)
|
||||||
pass_check(default_user_lookup, default_user_pass,
|
pass_check(default_user_lookup, default_user_pass,
|
||||||
strlen(default_user_pass), NULL, NULL);
|
strlen(default_user_pass), NULL);
|
||||||
|
|
||||||
cgi_setup_error("401 Bad Authorization", "",
|
cgi_setup_error("401 Bad Authorization", "",
|
||||||
"username or password incorrect");
|
"username or password incorrect");
|
||||||
|
Loading…
Reference in New Issue
Block a user