sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-11 16:58:40 +03:00
Code

password.c:

Browse Source 
added become_root / unbecome_root around the get machine account password.

smbpass.c:

	cleaning up code.

	- turning if (BOOL_expr == False) into if (BOOL_expr)
	  what if you test if (BOOL_expr == True) and someone defines
	  True to be -1 on one system and 1 on another?  or if you get
	  inconsistent return results between developers

	- removed if ((FILE*) == 0) and made this if ((FILE*) == NULL) -
	  cannot assume that NULL is zero integer.  plus there are typecast
	  issues to deal with

	- removed return (ret == 0) ? True : False and made this return ret == 0
	  rely on the compiler to return correct BOOL value: not all developers
	  will return True or False #defines: stick with BOOL test (non-zero).

	- removed if (ret == False) replaced with if (!ret)

	- bug where instead of if (sizeof(pstring)-len-len-6 < 0) it had a
	  boolean test if (pstring-len-len-6).

	- removed "." after debugging of filenames: the "." - a fullstop -
	  looked like it was part of the filename, making things difficult
	  to sort out.

still to be resolved: the global_myname isn't set up, such that the
machine account password file is named "TEST3..mac".
This commit is contained in:
Luke Leighton -
parent 17b94a7084
commit 315e26c23a
2 changed files with 21 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
source/passdb/smbpass.c
View File

@ -63,7 +63,7 @@ static BOOL do_pw_lock(int fd, int waitsecs, int type)
return False; return False;
} }
return ((ret == 0) ? True : False); return (ret == 0);
} }
static int pw_file_lock_depth; static int pw_file_lock_depth;
@ -103,7 +103,7 @@ static BOOL pw_file_unlock(int fd, int *plock_depth)
(*plock_depth)--; (*plock_depth)--;
if(ret == False) if(!ret)
DEBUG(10,("pw_file_unlock: unlocking file failed, error = %s.\n", DEBUG(10,("pw_file_unlock: unlocking file failed, error = %s.\n",
strerror(errno))); strerror(errno)));
return ret; return ret;
@ -135,7 +135,8 @@ void *startsmbpwent(BOOL update)
/* Set a 16k buffer to do more efficient reads */ /* Set a 16k buffer to do more efficient reads */
setvbuf(fp, s_readbuf, _IOFBF, sizeof(s_readbuf)); setvbuf(fp, s_readbuf, _IOFBF, sizeof(s_readbuf));
if ((pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0), 5, &pw_file_lock_depth)) == False) { if (!pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0), 5, &pw_file_lock_depth))
{
DEBUG(0, ("startsmbpwent: unable to lock file %s\n", pfile)); DEBUG(0, ("startsmbpwent: unable to lock file %s\n", pfile));
fclose(fp); fclose(fp);
return NULL; return NULL;
@ -773,7 +774,7 @@ BOOL mod_smbpwd_entry(struct smb_passwd* pwd)
lockfd = fileno(fp); lockfd = fileno(fp);
if (pw_file_lock(lockfd, F_RDLCK | F_WRLCK, 5, &pw_file_lock_depth) == False) { if (!pw_file_lock(lockfd, F_RDLCK | F_WRLCK, 5, &pw_file_lock_depth)) {
DEBUG(0, ("mod_smbpwd_entry: unable to lock file %s\n", pfile)); DEBUG(0, ("mod_smbpwd_entry: unable to lock file %s\n", pfile));
fclose(fp); fclose(fp);
return False; return False;
@ -1086,12 +1087,17 @@ void *machine_password_lock( char *domain, char *name, BOOL update)
char *p; char *p;
if(mach_passwd_lock_depth == 0) { if(mach_passwd_lock_depth == 0) {
pstrcpy(mac_file, lp_smb_passwd_file()); pstrcpy(mac_file, lp_smb_passwd_file());
p = strrchr(mac_file, '/'); p = strrchr(mac_file, '/');
if(p != NULL) if(p != NULL)
*++p = '\0'; *++p = '\0';
mac_file_len = strlen(mac_file); mac_file_len = strlen(mac_file);
if(sizeof(pstring) - mac_file_len - strlen(domain) - strlen(name) - 6) {
if (sizeof(pstring) - mac_file_len - strlen(domain) - strlen(name) - 6 < 0)
{
DEBUG(0,("machine_password_lock: path %s too long to add machine details.\n", DEBUG(0,("machine_password_lock: path %s too long to add machine details.\n",
mac_file)); mac_file));
return NULL; return NULL;
@ -1102,8 +1108,8 @@ void *machine_password_lock( char *domain, char *name, BOOL update)
strcat(mac_file, name); strcat(mac_file, name);
strcat(mac_file, ".mac"); strcat(mac_file, ".mac");
if((fp = fopen(mac_file, "r+b")) == 0) { if((fp = fopen(mac_file, "r+b")) == NULL) {
DEBUG(0,("machine_password_lock: cannot open file %s. Error was %s.\n", DEBUG(0,("machine_password_lock: cannot open file %s - Error was %s.\n",
mac_file, strerror(errno) )); mac_file, strerror(errno) ));
return NULL; return NULL;
} }
@ -1111,9 +1117,10 @@ void *machine_password_lock( char *domain, char *name, BOOL update)
chmod(mac_file, 0600); chmod(mac_file, 0600);
} }
if(pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0), if(!pw_file_lock(fileno(fp), F_RDLCK | (update ? F_WRLCK : 0),
60, &mach_passwd_lock_depth) == False) { 60, &mach_passwd_lock_depth))
DEBUG(0,("machine_password_lock: cannot lock file %s.\n", mac_file)); {
DEBUG(0,("machine_password_lock: cannot lock file %s\n", mac_file));
fclose(fp); fclose(fp);
return NULL; return NULL;
} }

4
source/smbd/password.c
View File

@ -1932,6 +1932,8 @@ BOOL domain_client_validate( char *user, char *domain,
} }
} }
become_root(False);
/* /*
* Get the machine account password. * Get the machine account password.
*/ */
@ -1950,6 +1952,8 @@ machine %s in domain %s.\n", global_myname, global_myworkgroup ));
machine_password_unlock(vp); machine_password_unlock(vp);
unbecome_root(False);
/* /*
* Here we should check the last change time to see if the machine * Here we should check the last change time to see if the machine
* password needs changing..... TODO... JRA. * password needs changing..... TODO... JRA.