sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code

smbdotconf: mark "passwd chat" with substitution="1"

Browse Source 
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Ralph Boehme 2019-11-05 11:13:30 +01:00 committed by Stefan Metzmacher
parent ea61dd917e
commit 4551dd2784
4 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs-xml/smbdotconf/security/passwdchat.xml
View File

@ -1,6 +1,7 @@
<samba:parameter name="passwd chat"
context="G"
type="string"
substitution="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This string controls the <emphasis>&quot;chat&quot;</emphasis>

4
source3/auth/pampass.c
View File

@ -291,6 +291,8 @@ static int smb_pam_passchange_conv(int num_msg,
struct smb_pam_userdata *udp = (struct smb_pam_userdata *)appdata_ptr;
struct chat_struct *pw_chat;
struct chat_struct *t;
const struct loadparm_substitution *lp_sub =
loadparm_s3_global_substitution();
bool found;
*resp = NULL;
@ -299,7 +301,7 @@ static int smb_pam_passchange_conv(int num_msg,
if (num_msg <= 0)
return PAM_CONV_ERR;
if ((pw_chat = make_pw_chat(lp_passwd_chat(talloc_tos()))) == NULL)
if ((pw_chat = make_pw_chat(lp_passwd_chat(talloc_tos(), lp_sub))) == NULL)
return PAM_CONV_ERR;
/*

4
source3/rpc_server/samr/srv_samr_chgpasswd.c
View File

@ -510,6 +510,8 @@ while we were waiting\n", WTERMSIG(wstat)));
bool chgpasswd(const char *name, const char *rhost, const struct passwd *pass,
const char *oldpass, const char *newpass, bool as_root)
{
const struct loadparm_substitution *lp_sub =
loadparm_s3_global_substitution();
char *passwordprogram = NULL;
char *chatsequence = NULL;
size_t i;
@ -597,7 +599,7 @@ bool chgpasswd(const char *name, const char *rhost, const struct passwd *pass,
DEBUG(2, ("chgpasswd: Null password program - no password changing\n"));
return false;
}
chatsequence = lp_passwd_chat(ctx);
chatsequence = lp_passwd_chat(ctx, lp_sub);
if (!chatsequence || !*chatsequence) {
DEBUG(2, ("chgpasswd: Null chat sequence - no password changing\n"));
return false;

8
source3/utils/testparm.c
View File

@ -211,6 +211,8 @@ static int do_global_checks(void)
int ret = 0;
SMB_STRUCT_STAT st;
const char *socket_options;
const struct loadparm_substitution *lp_sub =
loadparm_s3_global_substitution();
if (lp_security() >= SEC_DOMAIN && !lp_encrypt_passwords()) {
fprintf(stderr, "ERROR: in 'security=domain' mode the "
@ -407,7 +409,7 @@ static int do_global_checks(void)
}
#endif
if(lp_passwd_chat(talloc_tos()) == NULL) {
if(lp_passwd_chat(talloc_tos(), lp_sub) == NULL) {
fprintf(stderr,
"ERROR: the 'unix password sync' parameter is "
"set and there is no valid 'passwd chat' "
@ -434,14 +436,14 @@ static int do_global_checks(void)
*/
if(lp_encrypt_passwords()) {
if(strstr_m( lp_passwd_chat(talloc_tos()), "%o")!=NULL) {
if(strstr_m( lp_passwd_chat(talloc_tos(), lp_sub), "%o")!=NULL) {
fprintf(stderr,
"ERROR: the 'passwd chat' script [%s] "
"expects to use the old plaintext "
"password via the %%o substitution. With "
"encrypted passwords this is not "
"possible.\n\n",
lp_passwd_chat(talloc_tos()) );
lp_passwd_chat(talloc_tos(), lp_sub) );
ret = 1;
}
}