sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-23 09:57:40 +03:00
Code

Patch from Simo:

Browse Source 
o sed 's/pdb_clear_sam/pdb_free_sam/g'
  o add pdb_reset_sam()
  o password changing should be ok now as well.
This commit is contained in:
Gerald Carter -
parent 6bd197714a
commit 96d0e7c330
13 changed files with 191 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
source/include/proto.h
View File

@ -674,7 +674,6 @@ void all_string_sub(char *s,const char *pattern,const char *insert, size_t len);
void split_at_last_component(char *path, char *front, char sep, char *back);
char *octal_string(int i);
char *string_truncate(char *s, int length);
void parse_domain_user(char *domuser, fstring domain, fstring user);
/*The following definitions come from lib/util_unistr.c */
@ -1668,6 +1667,45 @@ int write_sock(void *buffer, int count);
int read_reply(struct winbindd_response *response);
void free_response(struct winbindd_response *response);
/*The following definitions come from nsswitch/winbindd_glue.c */
BOOL wb_lsa_open_policy(char *server, BOOL sec_qos, uint32 des_access,
CLI_POLICY_HND *pol);
BOOL wb_lsa_enum_trust_dom(CLI_POLICY_HND *hnd, uint32 *enum_ctx,
uint32 * num_doms, char ***names, DOM_SID **sids);
BOOL wb_lsa_query_info_pol(CLI_POLICY_HND *hnd, uint16 info_class,
fstring domain_name, DOM_SID *domain_sid);
BOOL wb_lsa_lookup_names(CLI_POLICY_HND *hnd, int num_names, char **names,
DOM_SID **sids, uint32 **types, int *num_sids);
BOOL wb_lsa_lookup_sids(CLI_POLICY_HND *hnd, int num_sids, DOM_SID *sids,
char ***names, uint32 **types, int *num_names);
BOOL wb_lsa_close(CLI_POLICY_HND *hnd);
BOOL wb_samr_close(CLI_POLICY_HND *hnd);
BOOL wb_samr_connect(char *srv_name, uint32 access_mask,
CLI_POLICY_HND *connect_pol);
BOOL wb_samr_open_domain(CLI_POLICY_HND *connect_pol, uint32 ace_perms,
DOM_SID *sid, CLI_POLICY_HND *domain_pol);
void wb_free_samr_userinfo_ctr(SAM_USERINFO_CTR * ctr);
uint32 wb_samr_enum_dom_groups(CLI_POLICY_HND *pol, uint32 *start_idx,
uint32 size, struct acct_info **sam,
uint32 *num_sam_groups);
BOOL wb_get_samr_query_userinfo(CLI_POLICY_HND *pol, uint32 info_level,
uint32 user_rid, SAM_USERINFO_CTR *ctr);
BOOL wb_samr_open_user(CLI_POLICY_HND *pol, uint32 access_mask, uint32 rid,
POLICY_HND *user_pol);
BOOL wb_samr_query_usergroups(CLI_POLICY_HND *pol, uint32 *num_groups,
DOM_GID **gid);
BOOL wb_get_samr_query_groupinfo(CLI_POLICY_HND *pol, uint32 info_level,
uint32 group_rid, GROUP_INFO_CTR *ctr);
BOOL wb_sam_query_groupmem(CLI_POLICY_HND *pol, uint32 group_rid,
uint32 *num_names, uint32 **rid_mem,
char ***names, uint32 **name_types);
BOOL wb_samr_query_dom_info(CLI_POLICY_HND *pol, uint16 switch_value,
SAM_UNK_CTR *ctr);
BOOL wb_samr_query_dispinfo(CLI_POLICY_HND *pol, uint32 *start_ndx,
uint16 info_level, uint32 *num_entries,
SAM_DISPINFO_CTR *ctr);
/*The following definitions come from param/loadparm.c */
void lp_talloc_free(void);
@ -1989,7 +2027,8 @@ BOOL pass_check(char *user, char *password, int pwlen, struct passwd *pwd,
BOOL initialize_password_db(BOOL reload);
BOOL pdb_init_sam(SAM_ACCOUNT **user);
BOOL pdb_clear_sam(SAM_ACCOUNT *user);
BOOL pdb_free_sam(SAM_ACCOUNT *user);
BOOL pdb_reset_sam(SAM_ACCOUNT *user);
struct sam_disp_info *pdb_sam_to_dispinfo(SAM_ACCOUNT *user);
char *pdb_encode_acct_ctrl(uint16 acct_ctrl, size_t length);
uint16 pdb_decode_acct_ctrl(const char *p);

57
source/passdb/passdb.c
View File

@ -139,12 +139,12 @@ BOOL pdb_init_sam(SAM_ACCOUNT **user)
/************************************************************
free the SAM_ACCOUNT and the NT/LM hashes.
***********************************************************/
BOOL pdb_clear_sam(SAM_ACCOUNT *user)
BOOL pdb_free_sam(SAM_ACCOUNT *user)
{
if (user == NULL) {
DEBUG(0,("pdb_clear_sam: SAM_ACCOUNT was NULL\n"));
DEBUG(0,("pdb_free_sam: SAM_ACCOUNT was NULL\n"));
#if 0
smb_panic("NULL pointer passed to pdb_clear_sam\n");
smb_panic("NULL pointer passed to pdb_free_sam\n");
#endif
return False;
}
@ -156,10 +156,32 @@ BOOL pdb_clear_sam(SAM_ACCOUNT *user)
free(user->lm_pw);
free(user);
user = NULL;
return True;
}
/************************************************************
reset the SAM_ACCOUNT and the NT/LM hashes.
***********************************************************/
BOOL pdb_reset_sam(SAM_ACCOUNT *user)
{
if (user == NULL) {
DEBUG(0,("pdb_reset_sam: SAM_ACCOUNT was NULL\n"));
return False;
}
if (user->nt_pw)
free(user->nt_pw);
if (user->lm_pw)
free(user->lm_pw);
ZERO_STRUCTP(user);
return True;
}
/*************************************************************************
Routine to return the next entry in the sam passwd list.
@ -854,15 +876,12 @@ account without a valid local system user.\n", user_name);
/* Get the smb passwd entry for this user */
pdb_init_sam(&sam_pass);
if(!pdb_getsampwnam(sam_pass, user_name)) {
pdb_clear_sam(sam_pass);
return False;
}
if (sam_pass == NULL) {
if(!pdb_getsampwnam(sam_pass, user_name))
{
pdb_free_sam(sam_pass);
if(!(local_flags & LOCAL_ADD_USER)) {
slprintf(err_str, err_str_len-1,"Failed to find entry for user %s.\n", user_name);
pdb_clear_sam(sam_pass);
return False;
}
@ -895,15 +914,13 @@ account without a valid local system user.\n", user_name);
pdb_set_nt_passwd (new_sam_acct, new_nt_p16);
}
pdb_clear_sam(sam_pass);
if (pdb_add_sam_account(new_sam_acct)) {
slprintf(msg_str, msg_str_len-1, "Added user %s.\n", user_name);
pdb_clear_sam(new_sam_acct);
pdb_free_sam(new_sam_acct);
return True;
} else {
slprintf(err_str, err_str_len-1, "Failed to add entry for user %s.\n", user_name);
pdb_clear_sam(new_sam_acct);
pdb_free_sam(new_sam_acct);
return False;
}
} else {
@ -925,13 +942,14 @@ account without a valid local system user.\n", user_name);
pdb_set_nt_passwd (sam_pass, new_nt_p16);
}
pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)&(~ACB_DISABLED));
} else if (local_flags & LOCAL_SET_NO_PASSWORD) {
}
else if (local_flags & LOCAL_SET_NO_PASSWORD) {
pdb_set_acct_ctrl (sam_pass, pdb_get_acct_ctrl(sam_pass)|ACB_PWNOTREQ);
/* This is needed to preserve ACB_PWNOTREQ in mod_smbfilepwd_entry */
pdb_set_lanman_passwd (sam_pass, NULL);
pdb_set_nt_passwd (sam_pass, NULL);
}
}
else
{
/*
@ -953,7 +971,7 @@ account without a valid local system user.\n", user_name);
if(local_flags & LOCAL_DELETE_USER) {
if (!pdb_delete_sam_account(user_name)) {
slprintf(err_str,err_str_len-1, "Failed to delete entry for user %s.\n", user_name);
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return False;
}
slprintf(msg_str, msg_str_len-1, "Deleted user %s.\n", user_name);
@ -962,7 +980,7 @@ account without a valid local system user.\n", user_name);
{
if(!pdb_update_sam_account(sam_pass, True)) {
slprintf(err_str, err_str_len-1, "Failed to modify entry for user %s.\n", user_name);
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return False;
}
if(local_flags & LOCAL_DISABLE_USER)
@ -973,7 +991,7 @@ account without a valid local system user.\n", user_name);
slprintf(msg_str, msg_str_len-1, "User %s password set to none.\n", user_name);
}
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return True;
}
@ -1569,3 +1587,4 @@ BOOL pdb_set_hours (SAM_ACCOUNT *sampass, uint8 *hours)
return True;
}

20
source/passdb/pdb_tdb.c
View File

@ -79,6 +79,7 @@ static BOOL init_sam_from_buffer (SAM_ACCOUNT *sampass, uint8 *buf,
*nt_pw_ptr;
uint32 len = 0;
uint32 lmpwlen, ntpwlen, hourslen;
/* unpack the buffer into variables */
len = tdb_unpack (buf, buflen, TDB_FORMAT_STRING,
@ -148,6 +149,7 @@ static BOOL init_sam_from_buffer (SAM_ACCOUNT *sampass, uint8 *buf,
pdb_set_logons_divs(sampass, logon_divs);
pdb_set_hours(sampass, hours);
/* TODO: free TDB alloced memory !!!!! */
return True;
}
@ -491,7 +493,6 @@ BOOL pdb_getsampwnam (SAM_ACCOUNT *user, char *sname)
}
/* unpack the buffer */
/*pdb_clear_sam (&global_sam_pass);*/
if (!init_sam_from_buffer (user, data.dptr, data.dsize))
{
DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
@ -543,7 +544,7 @@ BOOL pdb_getsampwuid (SAM_ACCOUNT* user, uid_t uid)
if (pw == NULL)
{
DEBUG(0,("pdb_getsampwuid: getpwuid(%d) return NULL. User does not exist!\n", uid));
return NULL;
return False;
}
fstrcpy (name, pw->pw_name);
@ -606,6 +607,7 @@ BOOL pdb_getsampwrid (SAM_ACCOUNT *user, uint32 rid)
BOOL pdb_delete_sam_account(char *sname)
{
struct passwd *pwd = NULL;
SAM_ACCOUNT *sam_pass = NULL;
TDB_CONTEXT *pwd_tdb;
TDB_DATA key, data;
fstring keystr;
@ -642,14 +644,22 @@ BOOL pdb_delete_sam_account(char *sname)
}
/* unpack the buffer */
pdb_clear_sam (&global_sam_pass);
if (!init_sam_from_buffer (&global_sam_pass, data.dptr, data.dsize))
if (!pdb_init_sam (&sam_pass))
{
tdb_close (pwd_tdb);
return False;
}
if (!init_sam_from_buffer (sam_pass, data.dptr, data.dsize))
{
DEBUG(0,("pdb_getsampwent: Bad SAM_ACCOUNT entry returned from TDB!\n"));
tdb_close (pwd_tdb);
return False;
}
pwd = sys_getpwnam(global_sam_pass.username);
pwd = sys_getpwnam(sam_pass->username);
pdb_free_sam (sam_pass);
rid = pdb_uid_to_user_rid (pwd->pw_uid);

20
source/rpc_server/srv_netlog_nt.c
View File

@ -149,19 +149,19 @@ static BOOL get_md4pw(char *md4pw, char *mach_acct)
if (ret==False) {
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}
if (!(pdb_get_acct_ctrl(sampass) & ACB_DISABLED) && ((pass=pdb_get_nt_passwd(sampass)) != NULL)) {
memcpy(md4pw, pass, 16);
dump_data(5, md4pw, 16);
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return True;
}
DEBUG(0,("get_md4pw: Workstation %s: no account in domain\n", mach_acct));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}
@ -347,7 +347,7 @@ uint32 _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_
/* Ensure the account exists and is a machine account. */
if (ret==False || !(pdb_get_acct_ctrl(sampass) & ACB_WSTRUST)) {
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return NT_STATUS_NO_SUCH_USER;
}
@ -358,7 +358,7 @@ uint32 _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_
*/
if (!strequal(mach_acct, p->dc.mach_acct)) {
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return NT_STATUS_ACCESS_DENIED;
}
@ -385,7 +385,7 @@ uint32 _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_
/* set up the LSA Server Password Set response */
init_net_r_srv_pwset(r_u, &srv_cred, status);
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return r_u->status;
}
@ -586,14 +586,14 @@ uint32 _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_
unbecome_root();
if (ret == False){
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return NT_STATUS_NO_SUCH_USER;
}
acct_ctrl = pdb_get_acct_ctrl(sampass);
if (acct_ctrl & ACB_DISABLED) {
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return NT_STATUS_ACCOUNT_DISABLED;
}
@ -613,7 +613,7 @@ uint32 _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_
}
if (status != NT_STATUS_NOPROBLEMO) {
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return status;
}
@ -671,6 +671,6 @@ uint32 _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *r_
&global_sam_sid, /* DOM_SID *dom_sid */
NULL); /* char *other_sids */
}
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return status;
}

8
source/rpc_server/srv_pipe.c
View File

@ -375,7 +375,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
if(!pdb_getsampwnam(sampass, pipe_user_name)) {
DEBUG(1,("api_pipe_ntlmssp_verify: Cannot find user %s in smb passwd database.\n",
pipe_user_name));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
unbecome_root();
return False;
}
@ -385,13 +385,13 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
/* Quit if the account was disabled. */
if((pdb_get_acct_ctrl(sampass) & ACB_DISABLED) || !pdb_get_lanman_passwd(sampass)) {
DEBUG(1,("Account for user '%s' was disabled.\n", pipe_user_name));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}
if(!pdb_get_nt_passwd(sampass)) {
DEBUG(1,("Account for user '%s' has no NT password hash.\n", pipe_user_name));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}
@ -460,7 +460,7 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name
p->ntlmssp_auth_validated = True;
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return True;
}

96
source/rpc_server/srv_samr_nt.c
View File

@ -105,7 +105,7 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
if (!pdb_setsampwent(False)) {
DEBUG(0, ("get_sampwd_entries: Unable to open passdb.\n"));
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
@ -146,7 +146,7 @@ static BOOL get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
}
pdb_endsampwent();
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return (*num_entries) > 0;
}
@ -217,7 +217,7 @@ static BOOL jf_get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx,
*total_entries = *num_entries;
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return True;
}
@ -1419,12 +1419,12 @@ uint32 _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN_U
/* check that the RID exists in our domain. */
if (ret == False) {
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return NT_STATUS_NO_SUCH_USER;
}
samr_clear_sam_passwd(sampass);
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
/* Get the domain SID stored in the domain policy */
if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid))
@ -1470,7 +1470,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
if (ret==False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
pdb_clear_sam(smbpass);
pdb_free_sam(smbpass);
return False;
}
@ -1479,7 +1479,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid)
init_sam_user_info10(id10, pdb_get_acct_ctrl(smbpass) );
samr_clear_sam_passwd(smbpass);
pdb_clear_sam(smbpass);
pdb_free_sam(smbpass);
return True;
}
@ -1510,20 +1510,20 @@ static uint32 get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, uint32
if (ret == False) {
DEBUG(4, ("User 0x%x not found\n", user_rid));
pdb_clear_sam(smbpass);
pdb_free_sam(smbpass);
return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED;
}
DEBUG(3,("User:[%s] 0x%x\n", pdb_get_username(smbpass), pdb_get_acct_ctrl(smbpass) ));
if ( pdb_get_acct_ctrl(smbpass) & ACB_DISABLED) {
pdb_clear_sam(smbpass);
pdb_free_sam(smbpass);
return NT_STATUS_ACCOUNT_DISABLED;
}
init_sam_user_info12(id12, pdb_get_lanman_passwd(smbpass), pdb_get_nt_passwd(smbpass));
pdb_clear_sam(smbpass);
pdb_free_sam(smbpass);
return NT_STATUS_NOPROBLEMO;
}
@ -1548,7 +1548,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
if (ret == False) {
DEBUG(4,("User 0x%x not found\n", user_rid));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}
@ -1558,7 +1558,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid)
init_sam_user_info21A(id21, sampass);
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return True;
}
@ -1800,7 +1800,7 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR
unbecome_root();
if (ret == True) {
/* machine account exists: say so */
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return NT_STATUS_USER_EXISTS;
}
@ -1835,7 +1835,7 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR
sizeof(err_str), msg_str, sizeof(msg_str))) {
DEBUG(0, ("%s\n", err_str));
close_policy_hnd(p, user_pol);
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
@ -1845,27 +1845,27 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR
if (ret == False) {
/* account doesn't exist: say so */
close_policy_hnd(p, user_pol);
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
/* Get the domain SID stored in the domain policy */
if(!get_lsa_policy_samr_sid(p, &dom_pol, &sid)) {
close_policy_hnd(p, user_pol);
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return NT_STATUS_INVALID_HANDLE;
}
/* append the user's RID to it */
if(!sid_append_rid(&sid, pdb_get_user_rid(sam_pass) )) {
close_policy_hnd(p, user_pol);
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return NT_STATUS_NO_SUCH_USER;
}
/* associate the user's SID with the new handle. */
if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL) {
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return NT_STATUS_NO_MEMORY;
}
@ -1874,14 +1874,14 @@ uint32 _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_CR
/* get a (unique) handle. open a policy on it. */
if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) {
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
r_u->user_rid=sam_pass->user_rid;
r_u->unknown_0 = 0x000703ff;
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return NT_STATUS_NO_PROBLEMO;
}
@ -2077,24 +2077,24 @@ static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, uint32 rid)
ret = pdb_getsampwrid(pwd, rid);
if(ret==False) {
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
if (id10 == NULL) {
DEBUG(5, ("set_user_info_10: NULL id10\n"));
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
pdb_set_acct_ctrl(pwd, id10->acb_info);
if(!pdb_update_sam_account(pwd, True)) {
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return True;
}
@ -2111,13 +2111,13 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid)
pdb_init_sam(&pwd);
if(!pdb_getsampwrid(pwd, rid)) {
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
if (id12 == NULL) {
DEBUG(2, ("set_user_info_12: id12 is NULL\n"));
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
@ -2125,11 +2125,11 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid)
pdb_set_nt_passwd (pwd, id12->nt_pwd);
if(!pdb_update_sam_account(pwd, True)) {
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return True;
}
@ -2151,8 +2151,8 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
pdb_init_sam(&new_pwd);
if (!pdb_getsampwrid(pwd, rid)) {
pdb_clear_sam(pwd);
pdb_clear_sam(new_pwd);
pdb_free_sam(pwd);
pdb_free_sam(new_pwd);
return False;
}
@ -2169,13 +2169,13 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid)
/* write the change out */
if(!pdb_update_sam_account(new_pwd, True)) {
pdb_clear_sam(pwd);
pdb_clear_sam(new_pwd);
pdb_free_sam(pwd);
pdb_free_sam(new_pwd);
return False;
}
pdb_clear_sam(pwd);
pdb_clear_sam(new_pwd);
pdb_free_sam(pwd);
pdb_free_sam(new_pwd);
return True;
}
@ -2203,20 +2203,20 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
pdb_init_sam(&new_pwd);
if (pdb_getsampwrid(pwd, rid)) {
pdb_clear_sam(pwd);
pdb_clear_sam(new_pwd);
pdb_free_sam(pwd);
pdb_free_sam(new_pwd);
return False;
}
acct_ctrl = pdb_get_acct_ctrl(pwd);
copy_sam_passwd(new_pwd, pwd);
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
copy_id23_to_sam_passwd(new_pwd, id23);
if (!decode_pw_buffer((char*)id23->pass, buf, 256, &len, nt_hash, lm_hash)) {
pdb_clear_sam(new_pwd);
pdb_free_sam(new_pwd);
return False;
}
@ -2232,7 +2232,7 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
/* update the UNIX password */
if (lp_unix_password_sync() )
if(!chgpasswd(pdb_get_username(new_pwd), "", buf, True)) {
pdb_clear_sam(new_pwd);
pdb_free_sam(new_pwd);
return False;
}
}
@ -2240,11 +2240,11 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
memset(buf, 0, sizeof(buf));
if(!pdb_update_sam_account(new_pwd, True)) {
pdb_clear_sam(new_pwd);
pdb_free_sam(new_pwd);
return False;
}
pdb_clear_sam(new_pwd);
pdb_free_sam(new_pwd);
return True;
}
@ -2265,7 +2265,7 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid)
pdb_init_sam(&pwd);
if (!pdb_getsampwrid(pwd, rid)) {
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
@ -2274,7 +2274,7 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid)
memset(buf, 0, sizeof(buf));
if (!decode_pw_buffer((char*)id24->pass, buf, 256, &len, nt_hash, lm_hash)) {
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
@ -2290,7 +2290,7 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid)
/* update the UNIX password */
if (lp_unix_password_sync())
if(!chgpasswd(pdb_get_username(pwd), "", buf, True)) {
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
}
@ -2301,11 +2301,11 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid)
/* update the SAMBA password */
if(!pdb_update_sam_account(pwd, True)) {
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return False;
}
pdb_clear_sam(pwd);
pdb_free_sam(pwd);
return True;
}
@ -2364,14 +2364,14 @@ uint32 _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SET_
unbecome_root();
if(ret == False) {
DEBUG(0,("_samr_set_userinfo: Unable to get smbpasswd entry for uid %u\n", (unsigned int)user.uid ));
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
return NT_STATUS_ACCESS_DENIED;
}
memset(sess_key, '\0', 16);
mdfour(sess_key, pdb_get_nt_passwd(sam_pass), 16);
pdb_clear_sam(sam_pass);
pdb_free_sam(sam_pass);
/* ok! user info levels (lots: see MSDEV help), off we go... */
switch (switch_value) {

8
source/rpc_server/srv_util.c
View File

@ -277,12 +277,12 @@ uint32 local_lookup_user_name(uint32 rid, char *user_name, uint32 *type)
if (ret == True) {
fstrcpy(user_name, pdb_get_username(sampwd) );
DEBUG(5,(" = %s\n", user_name));
pdb_clear_sam(sampwd);
pdb_free_sam(sampwd);
return 0x0;
}
DEBUG(5,(" none mapped\n"));
pdb_clear_sam(sampwd);
pdb_free_sam(sampwd);
return NT_STATUS_NONE_MAPPED;
}
@ -343,10 +343,10 @@ uint32 local_lookup_user_rid(char *user_name, uint32 *rid)
if (ret == True) {
(*rid) = pdb_get_user_rid(sampass);
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return 0x0;
}
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return NT_STATUS_NONE_MAPPED;
}

10
source/smbd/chgpasswd.c
View File

@ -565,7 +565,7 @@ BOOL check_lanman_password(char *user, uchar * pass1,
if (ret == False) {
DEBUG(0,("check_lanman_password: getsampwnam returned NULL\n"));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}
@ -574,7 +574,7 @@ BOOL check_lanman_password(char *user, uchar * pass1,
if (acct_ctrl & ACB_DISABLED) {
DEBUG(0,("check_lanman_password: account %s disabled.\n", user));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}
@ -586,7 +586,7 @@ BOOL check_lanman_password(char *user, uchar * pass1,
}
else if (lanman_pw == NULL) {
DEBUG(0, ("check_lanman_password: no lanman password !\n"));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}
@ -599,7 +599,7 @@ BOOL check_lanman_password(char *user, uchar * pass1,
/* Check that the two old passwords match. */
if (memcmp(lanman_pw, unenc_old_pw, 16)) {
DEBUG(0,("check_lanman_password: old password doesn't match.\n"));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}
@ -692,7 +692,7 @@ BOOL pass_oem_change(char *user,
memset(new_passwd, 0, sizeof(new_passwd));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return ret;
}

4
source/smbd/lanman.c
View File

@ -1788,7 +1788,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
if(lp_unix_password_sync() && !chgpasswd(user,pass1,saved_pass2,False))
SSVAL(*rparam,0,NERR_badpass);
}
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
}
@ -1825,7 +1825,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
{
SSVAL(*rparam,0,NERR_Success);
}
pdb_clear_sam(hnd);
pdb_free_sam(hnd);
}

18
source/smbd/password.c
View File

@ -376,7 +376,7 @@ static BOOL update_smbpassword_file(char *user, char *password)
if(ret == False) {
DEBUG(0,("pdb_getsampwnam returned NULL\n"));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}
@ -393,7 +393,7 @@ static BOOL update_smbpassword_file(char *user, char *password)
DEBUG(3,("change_oem_password returned False\n"));
}
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return ret;
}
@ -558,14 +558,14 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal,
if (ret == False)
{
DEBUG(1,("Couldn't find user '%s' in passdb file.\n", user));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return(False);
}
/* Quit if the account was disabled. */
if(pdb_get_acct_ctrl(sampass) & ACB_DISABLED) {
DEBUG(1,("Account for user '%s' was disabled.\n", user));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return(False);
}
@ -575,7 +575,7 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal,
if (smb_pass->smb_userid != pass->pw_uid)
{
DEBUG(0,("Error : UNIX and SMB uids in password files do not match for user '%s'!\n", user));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return(False);
}
#endif
@ -585,25 +585,25 @@ BOOL pass_check_smb(char *user, char *domain, uchar *chal,
if (lp_null_passwords())
{
DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", user));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return(True);
}
else
{
DEBUG(3,("Account for user '%s' has no password and null passwords are NOT allowed.\n", user));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return(False);
}
}
if (smb_password_ok(sampass, chal, lm_pwd, nt_pwd))
{
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return(True);
}
DEBUG(2,("pass_check_smb failed - invalid password for user [%s]\n", user));
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
return False;
}

10
source/smbd/reply.c
View File

@ -436,7 +436,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out
} else {
DEBUG(0,("session_trust_account: Trust account %s only supported with security = user\n", user));
SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
pdb_clear_sam(sam_trust_acct);
pdb_free_sam(sam_trust_acct);
return(ERROR(0, NT_STATUS_LOGON_FAILURE));
}
@ -444,25 +444,25 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out
/* lkclXXXX: workstation entry doesn't exist */
DEBUG(0,("session_trust_account: Trust account %s user doesn't exist\n",user));
SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
pdb_clear_sam(sam_trust_acct);
pdb_free_sam(sam_trust_acct);
return(ERROR(0, NT_STATUS_NO_SUCH_USER));
} else {
if ((smb_passlen != 24) || (smb_nt_passlen != 24)) {
DEBUG(0,("session_trust_account: Trust account %s - password length wrong.\n", user));
SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
pdb_clear_sam(sam_trust_acct);
pdb_free_sam(sam_trust_acct);
return(ERROR(0, NT_STATUS_LOGON_FAILURE));
}
if (!smb_password_ok(sam_trust_acct, NULL, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) {
DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user));
SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
pdb_clear_sam(sam_trust_acct);
pdb_free_sam(sam_trust_acct);
return(ERROR(0, NT_STATUS_LOGON_FAILURE));
}
acct_ctrl = pdb_get_acct_ctrl(sam_trust_acct);
pdb_clear_sam(sam_trust_acct);
pdb_free_sam(sam_trust_acct);
if (acct_ctrl & ACB_DOMTRUST) {
DEBUG(0,("session_trust_account: Domain trust account %s denied by server\n",user));
SSVAL(outbuf, smb_flg2, SVAL(outbuf, smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);

15
source/utils/pdbedit.c
View File

@ -122,12 +122,12 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle)
if (ret==False) {
fprintf (stderr, "Username not found!\n");
pdb_clear_sam(sam_pwent);
pdb_free_sam(sam_pwent);
return -1;
}
ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle);
pdb_clear_sam(sam_pwent);
pdb_free_sam(sam_pwent);
return ret;
}
@ -145,7 +145,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle)
ret = pdb_setsampwent(False);
if (ret && errno == ENOENT) {
fprintf (stderr,"Password database not found!\n");
pdb_clear_sam(sam_pwent);
pdb_free_sam(sam_pwent);
exit(1);
}
@ -153,10 +153,11 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle)
{
if (verbosity) printf ("---------------\n");
print_sam_info (sam_pwent, verbosity, smbpwdstyle);
pdb_reset_sam(sam_pwent);
}
pdb_endsampwent ();
pdb_clear_sam(sam_pwent);
pdb_free_sam(sam_pwent);
return 0;
}
@ -174,7 +175,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d
if (ret==False)
{
fprintf (stderr, "Username not found!\n");
pdb_clear_sam(sam_pwent);
pdb_free_sam(sam_pwent);
return -1;
}
@ -188,10 +189,10 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d
else
{
fprintf (stderr, "Unable to modify entry!\n");
pdb_clear_sam(sam_pwent);
pdb_free_sam(sam_pwent);
return -1;
}
pdb_clear_sam(sam_pwent);
pdb_free_sam(sam_pwent);
return 0;
}

4
source/utils/smbpasswd.c
View File

@ -420,7 +420,7 @@ static int process_root(int argc, char *argv[])
if((sampass != False) && (pdb_get_lanman_passwd(sampass) != NULL)) {
new_passwd = xstrdup("XXXX"); /* Don't care. */
}
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
}
if(!new_passwd)
@ -451,7 +451,7 @@ static int process_root(int argc, char *argv[])
if((ret != False) && (pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) )
printf(" User has no password flag set.");
printf("\n");
pdb_clear_sam(sampass);
pdb_free_sam(sampass);
}
done: