2025-02-03 13:47:25 +03:00 · 2002-05-09 04:05:37 +00:00 · 2002-05-09 04:05:37 +00:00 · 9ac3ca512a
commit 9ac3ca512a
parent 6337369a90
6 changed files with 186 additions and 112 deletions
--- a/source3/pam_smbpass/INSTALL
+++ b/source3/pam_smbpass/INSTALL
@ -0,0 +1,64 @@
 Because pam_smbpass is derived from the Samba smbpasswd utility, recent
 versions of pam_smbpass require a copy of the Samba source code to be
 available on the build system.  Version 0.7.5 has been tested against
 Samba 2.2.0-alpha3, and this is the recommended version of Samba to use
 for building pam_smbpass.  This only affects /building/ pam_smbpass; you
 can still run any version of the Samba server that you want, although
 clearly it saves some disk space to have only one copy of the source
 code on your system (Samba 2.2.0-alpha3 takes roughly 32MB of disk space
 to build pam_smbpass).
 Version 0.7.5 features a new build system to make it easier to build
 pam_smbpass.
 Using the new build system
 ==========================
 If you don't have a copy of the Samba source code on your machine, and you
 don't have a preferred Samba version (or mirror site), you can build
 pam_smbpass by just typing 'make'.
 If you want to use a version other than 2.2.0-alpha3, or you want to
 download the source code from a faster Samba mirror (see
 <http://us1.samba.org/samba/> for a list of mirror sites), please download
 the source code and unpack it before running make.  The build scripts will
 attempt to autodetect your Samba source directory, and if it can't be
 found automatically, you will be given the opportunity to specify an
 alternate directory for the Samba sources.
 Feedback is welcome if you try (or succeed!) to build pam_smbpass with
 other versions of Samba.
 Options to 'make'
 =================
 By default, pam_smbpass will configure the Samba build tree with the
 options
    --with-fhs --with-privatedir=/etc --with-configdir=/etc
 This will configure pam_smbpass to look for the smbpasswd file as
 /etc/smbpasswd (or /etc/smbpasswd.tdb), and the smb.conf file as
 /etc/smb.conf.  You can override these options by setting CONFIGOPTS when
 calling make.  E.g., if you have your smb.conf file in /usr/etc and your
 smbpasswd file in /usr/etc/private, you might run
    make CONFIGOPTS="--with-privatedir=/usr/etc/private --with-configdir=/usr/etc"
 For a complete list of available configuration options, see
 './samba/configure --help'
 Installing the module
 =====================
 If all goes well in the build process, the file pam_smbpass.so will be
 created in the current directory.  Simply install the module into your
 system's PAM module directory:
 	install -m 755 -s bin/pam_smbpass.so /lib/security
 and you're all set.
--- a/source3/pam_smbpass/general.h
+++ b/source3/pam_smbpass/general.h
@ -121,3 +121,10 @@ struct _pam_failed_auth {
    char *agent;                /* attempt from user with name */
    int count;                  /* number of failures so far */
 };
 /*
 * General use functions go here 
 */
 /* from support.c */
 int make_remark(pam_handle_t *, unsigned int, int, const char *);
--- a/source3/pam_smbpass/pam_smb_acct.c
+++ b/source3/pam_smbpass/pam_smb_acct.c
@ -33,6 +33,7 @@
 #include "support.h"
 /*
 * pam_sm_acct_mgmt() verifies whether or not the account is disabled.
 *
@ -45,15 +46,12 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags,
    int retval;
    const char *name;
    const char *p;
    SAM_ACCOUNT *sampass = NULL;
    extern BOOL in_client;
    /* Samba initialization. */
    setup_logging( "pam_smbpass", False );
    charset_initialise();
    codepage_initialise(lp_client_code_page());
    in_client = True;
    ctrl = set_ctrl( flags, argc, argv );
--- a/source3/pam_smbpass/pam_smb_auth.c
+++ b/source3/pam_smbpass/pam_smb_auth.c
@ -47,6 +47,7 @@ do {								\
 static int _smb_add_user(pam_handle_t *pamh, unsigned int ctrl,
                         const char *name, SAM_ACCOUNT *sampass, BOOL exist);
 /*
 * pam_sm_authenticate() authenticates users against the samba password file.
 *
@ -67,13 +68,11 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
    BOOL found;
    /* Points to memory managed by the PAM library. Do not free. */
-    const char *p = NULL;
+    char *p = NULL;
    /* Samba initialization. */
    setup_logging("pam_smbpass",False);
    charset_initialise();
    codepage_initialise(lp_client_code_page());
    in_client = True;
    ctrl = set_ctrl(flags, argc, argv);
--- a/source3/pam_smbpass/pam_smb_passwd.c
+++ b/source3/pam_smbpass/pam_smb_passwd.c
@ -35,8 +35,7 @@
 int smb_update_db( pam_handle_t *pamh, int ctrl, const char *user,  const char *pass_new )
 {
- char		c;
+ int		retval;
 int		retval, i;
 pstring	err_str;
 pstring	msg_str;
@ -94,12 +93,11 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
    SAM_ACCOUNT *sampass = NULL;
    const char *user;
-    const char *pass_old, *pass_new;
+    char *pass_old;
    char *pass_new;
    /* Samba initialization. */
    setup_logging( "pam_smbpass", False );
    charset_initialise();
    codepage_initialise(lp_client_code_page());
    in_client = True;
    ctrl = set_ctrl(flags, argc, argv);
--- a/source3/pam_smbpass/support.c
+++ b/source3/pam_smbpass/support.c
@ -62,6 +62,10 @@ int make_remark(pam_handle_t *, unsigned int, int, const char *);
 	void _cleanup(pam_handle_t *, void *, int);
 	char *_pam_delete(register char *);
 	/* default configuration file location */
 	char *servicesf = dyn_CONFIGFILE;
 	/* syslogging function for errors and other information */
 	void _log_err( int err, const char *format, ... )
@ -125,8 +129,7 @@ int make_remark( pam_handle_t * pamh, unsigned int ctrl
 int set_ctrl( int flags, int argc, const char **argv )
 {
    int i = 0;
-    static pstring servicesf = CONFIGFILE;
+    const char *service_file = dyn_CONFIGFILE;
    const char *service_file = servicesf;
    unsigned int ctrl;
    ctrl = SMB_DEFAULTS;	/* the default selection of options */
@ -136,6 +139,9 @@ int set_ctrl( int flags, int argc, const char **argv )
    /* A good, sane default (matches Samba's behavior). */
    set( SMB__NONULL, ctrl );
    /* initialize service file location */
    service_file=servicesf;
    if (flags & PAM_SILENT) {
        set( SMB__QUIET, ctrl );
    }
@ -165,6 +171,8 @@ int set_ctrl( int flags, int argc, const char **argv )
 	_log_err( LOG_ERR, "Error loading service file %s", service_file );
    }
    secrets_init();
    if (lp_null_passwords()) {
        set( SMB__NULLOK, ctrl );
    }
@ -303,7 +311,7 @@ int _smb_verify_password( pam_handle_t * pamh, SAM_ACCOUNT *sampass,
    uchar hash_pass[16];
    uchar lm_pw[16];
    uchar nt_pw[16];
-    int retval;
+    int retval = PAM_AUTH_ERR;
    char *data_name;
    const char *name;
@ -482,7 +490,7 @@ int _smb_read_password( pam_handle_t * pamh, unsigned int ctrl,
 {
    int authtok_flag;
    int retval;
-    const char *item = NULL;
+    char *item = NULL;
    char *token;
    struct pam_message msg[3], *pmsg[3];