Example #1
0
/*
  initialise a ADS_STRUCT, ready for some ads_ ops
*/
ADS_STRUCT *ads_init(const char *realm, 
		     const char *workgroup,
		     const char *ldap_server)
{
	ADS_STRUCT *ads;
	int wrap_flags;

	ads = SMB_XMALLOC_P(ADS_STRUCT);
	ZERO_STRUCTP(ads);

	ads->server.realm = realm? SMB_STRDUP(realm) : NULL;
	ads->server.workgroup = workgroup ? SMB_STRDUP(workgroup) : NULL;
	ads->server.ldap_server = ldap_server? SMB_STRDUP(ldap_server) : NULL;

	/* the caller will own the memory by default */
	ads->is_mine = 1;

	wrap_flags = lp_client_ldap_sasl_wrapping();
	if (wrap_flags == -1) {
		wrap_flags = 0;
	}

	ads->auth.flags = wrap_flags;

	/* Start with a page size of 1000 when the connection is new,
	 * we will drop it by half we get a timeout.   */
	ads->config.ldap_page_size     = 1000;

	return ads;
}
Example #2
0
/*
  initialise a ADS_STRUCT, ready for some ads_ ops
*/
ADS_STRUCT *ads_init(const char *realm, 
		     const char *workgroup,
		     const char *ldap_server)
{
	ADS_STRUCT *ads;
	
	ads = SMB_XMALLOC_P(ADS_STRUCT);
	ZERO_STRUCTP(ads);
	
	ads->server.realm = realm? SMB_STRDUP(realm) : NULL;
	ads->server.workgroup = workgroup ? SMB_STRDUP(workgroup) : NULL;
	ads->server.ldap_server = ldap_server? SMB_STRDUP(ldap_server) : NULL;

	/* we need to know if this is a foreign realm */
	if (realm && *realm && !strequal(lp_realm(), realm)) {
		ads->server.foreign = 1;
	}
	if (workgroup && *workgroup && !strequal(lp_workgroup(), workgroup)) {
		ads->server.foreign = 1;
	}

	/* the caller will own the memory by default */
	ads->is_mine = 1;

	return ads;
}
Example #3
0
BOOL gencache_set(const char *keystr, const char *value, time_t timeout)
{
	int ret;
	TDB_DATA keybuf, databuf;
	char* valstr = NULL;
	
	/* fail completely if get null pointers passed */
	SMB_ASSERT(keystr && value);

	if (!gencache_init()) return False;
	
	asprintf(&valstr, CACHE_DATA_FMT, (int)timeout, value);
	if (!valstr)
		return False;

	keybuf.dptr = SMB_STRDUP(keystr);
	keybuf.dsize = strlen(keystr)+1;
	databuf.dptr = SMB_STRDUP(valstr);
	databuf.dsize = strlen(valstr)+1;
	DEBUG(10, ("Adding cache entry with key = %s; value = %s and timeout ="
	           " %s (%d seconds %s)\n", keybuf.dptr, value,ctime(&timeout),
		   (int)(timeout - time(NULL)), 
		   timeout > time(NULL) ? "ahead" : "in the past"));

	ret = tdb_store(cache, keybuf, databuf, 0);
	SAFE_FREE(valstr);
	SAFE_FREE(keybuf.dptr);
	SAFE_FREE(databuf.dptr);
	
	return ret == 0;
}
Example #4
0
static void add_name(const char *machine_name, uint32 server_type,
                     const char *comment, void *state)
{
        struct smb_name_list **name_list = (struct smb_name_list **)state;
        struct smb_name_list *new_name;

        new_name = SMB_MALLOC_P(struct smb_name_list);

        if (!new_name)
                return;

        ZERO_STRUCTP(new_name);

	new_name->name = SMB_STRDUP(machine_name);
	new_name->comment = SMB_STRDUP(comment);
        new_name->server_type = server_type;

	if (!new_name->name || !new_name->comment) {
		SAFE_FREE(new_name->name);
		SAFE_FREE(new_name->comment);
		SAFE_FREE(new_name);
		return;
	}

        DLIST_ADD(*name_list, new_name);
}
Example #5
0
static void atalk_add_to_list(name_compare_entry **list)
{
	int i, count = 0;
	name_compare_entry *new_list = 0;
	name_compare_entry *cur_list = 0;

	cur_list = *list;

	if (cur_list) {
		for (i = 0, count = 0; cur_list[i].name; i ++, count ++) {
			if (strstr(cur_list[i].name, APPLEDOUBLE))
				return;
		}
	}

	if (!(new_list = SMB_CALLOC_ARRAY(name_compare_entry, (count == 0 ? 1 : count + 1))))
		return;

	for (i = 0; i < count; i ++) {
		new_list[i].name    = SMB_STRDUP(cur_list[i].name);
		new_list[i].is_wild = cur_list[i].is_wild;
	}

	new_list[i].name    = SMB_STRDUP(APPLEDOUBLE);
	new_list[i].is_wild = False;

	free_namearray(*list);

	*list = new_list;
	new_list = 0;
	cur_list = 0;
}
Example #6
0
ADS_STATUS ads_guess_service_principal(ADS_STRUCT *ads,
				       char **returned_principal)
{
	char *princ = NULL;

	if (ads->server.realm && ads->server.ldap_server) {
		char *server, *server_realm;

		server = SMB_STRDUP(ads->server.ldap_server);
		server_realm = SMB_STRDUP(ads->server.realm);

		if (!server || !server_realm) {
			return ADS_ERROR(LDAP_NO_MEMORY);
		}

		strlower_m(server);
		strupper_m(server_realm);
		asprintf(&princ, "ldap/%s@%s", server, server_realm);

		SAFE_FREE(server);
		SAFE_FREE(server_realm);

		if (!princ) {
			return ADS_ERROR(LDAP_NO_MEMORY);
		}
	} else if (ads->config.realm && ads->config.ldap_server_name) {
		char *server, *server_realm;

		server = SMB_STRDUP(ads->config.ldap_server_name);
		server_realm = SMB_STRDUP(ads->config.realm);

		if (!server || !server_realm) {
			return ADS_ERROR(LDAP_NO_MEMORY);
		}

		strlower_m(server);
		strupper_m(server_realm);
		asprintf(&princ, "ldap/%s@%s", server, server_realm);

		SAFE_FREE(server);
		SAFE_FREE(server_realm);

		if (!princ) {
			return ADS_ERROR(LDAP_NO_MEMORY);
		}
	}

	if (!princ) {
		return ADS_ERROR(LDAP_PARAM_ERROR);
	}

	*returned_principal = princ;

	return ADS_SUCCESS;
}
Example #7
0
BOOL authorise_login(int snum, fstring user, DATA_BLOB password, 
		     BOOL *guest)
{
	BOOL ok = False;
	
#ifdef DEBUG_PASSWORD
	DEBUG(100,("authorise_login: checking authorisation on user=%s pass=%s\n",
		   user,password.data));
#endif

	*guest = False;
  
	/* there are several possibilities:
		1) login as the given user with given password
		2) login as a previously registered username with the given password
		3) login as a session list username with the given password
		4) login as a previously validated user/password pair
		5) login as the "user ="******"user ="******"");

		if (!user_list)
			return(False);
		
		for (auser=strtok(user_list,LIST_SEP); !ok && auser;
		     auser = strtok(NULL,LIST_SEP)) {
			fstring user2;
			fstrcpy(user2,auser);
			if (!user_ok(user2,snum, NULL, 0))
				continue;
			
			if (password_ok(user2,password)) {
				ok = True;
				fstrcpy(user,user2);
				DEBUG(3,("authorise_login: ACCEPTED: session list username (%s) \
and given password ok\n", user));
			}
		}
		
		SAFE_FREE(user_list);
	}
Example #8
0
/* masked_match - match address against netnumber/netmask */
static bool masked_match(const char *tok, const char *slash, const char *s)
{
	struct sockaddr_storage ss_mask;
	struct sockaddr_storage ss_tok;
	struct sockaddr_storage ss_host;
	char *tok_copy = NULL;

	if (!interpret_string_addr(&ss_host, s, 0)) {
		return false;
	}

	if (*tok == '[') {
		/* IPv6 address - remove braces. */
		tok_copy = SMB_STRDUP(tok+1);
		if (!tok_copy) {
			return false;
		}
		/* Remove the terminating ']' */
		tok_copy[PTR_DIFF(slash,tok)-1] = '\0';
	} else {
		tok_copy = SMB_STRDUP(tok);
		if (!tok_copy) {
			return false;
		}
		/* Remove the terminating '/' */
		tok_copy[PTR_DIFF(slash,tok)] = '\0';
	}

	if (!interpret_string_addr(&ss_tok, tok_copy, 0)) {
		SAFE_FREE(tok_copy);
		return false;
	}

	SAFE_FREE(tok_copy);

        if (strlen(slash + 1) > 2) {
		if (!interpret_string_addr(&ss_mask, slash+1, 0)) {
			return false;
		}
        } else {
		char *endp = NULL;
		unsigned long val = strtoul(slash+1, &endp, 0);
		if (slash+1 == endp || (endp && *endp != '\0')) {
			return false;
		}
		if (!make_netmask(&ss_mask, &ss_tok, val)) {
			return false;
		}
        }

	return same_net((struct sockaddr *)(void *)&ss_host,
			(struct sockaddr *)(void *)&ss_tok,
			(struct sockaddr *)(void *)&ss_mask);
}
Example #9
0
static int sys_path_to_bdev(const char *path, char **mntpath, char **bdev, char **fs)
{
	int ret = -1;
	SMB_STRUCT_STAT S;
	FILE *fp;
	struct mntent *mnt;
	SMB_DEV_T devno;

	/* find the block device file */

	if (!path||!mntpath||!bdev||!fs)
		smb_panic("sys_path_to_bdev: called with NULL pointer");

	(*mntpath) = NULL;
	(*bdev) = NULL;
	(*fs) = NULL;
	
	if ( sys_stat(path, &S) == -1 )
		return (-1);

	devno = S.st_dev ;

	fp = setmntent(MOUNTED,"r");
	if (fp == NULL) {
		return -1;
	}
  
	while ((mnt = getmntent(fp))) {
		if ( sys_stat(mnt->mnt_dir,&S) == -1 )
			continue ;

		if (S.st_dev == devno) {
			(*mntpath) = SMB_STRDUP(mnt->mnt_dir);
			(*bdev) = SMB_STRDUP(mnt->mnt_fsname);
			(*fs)   = SMB_STRDUP(mnt->mnt_type);
			if ((*mntpath)&&(*bdev)&&(*fs)) {
				ret = 0;
			} else {
				SAFE_FREE(*mntpath);
				SAFE_FREE(*bdev);
				SAFE_FREE(*fs);
				ret = -1;
			}

			break;
		}
	}

	endmntent(fp) ;

	return ret;
}
Example #10
0
static bool set_driver_mapping(const char *from, const char *to)
{
	SAFE_FREE(win_driver);
	SAFE_FREE(os2_driver);

	win_driver = SMB_STRDUP(from);
	os2_driver = SMB_STRDUP(to);

	if (win_driver == NULL || os2_driver == NULL) {
		SAFE_FREE(win_driver);
		SAFE_FREE(os2_driver);
		return false;
	}
	return true;
}
Example #11
0
WERROR reg_delete_path(const struct security_token *token,
                       const char *orig_path)
{
    struct registry_key *hive;
    char *path, *p;
    WERROR err;

    if (!(path = SMB_STRDUP(orig_path))) {
        return WERR_NOMEM;
    }

    p = strchr(path, '\\');

    if ((p == NULL) || (p[1] == '\0')) {
        SAFE_FREE(path);
        return WERR_INVALID_PARAM;
    }

    *p = '\0';

    err = reg_openhive(NULL, path,
                       (strchr(p+1, '\\') != NULL) ?
                       KEY_ENUMERATE_SUB_KEYS : KEY_CREATE_SUB_KEY,
                       token, &hive);
    if (!W_ERROR_IS_OK(err)) {
        SAFE_FREE(path);
        return err;
    }

    err = reg_deletekey_recursive(hive, p+1);
    SAFE_FREE(path);
    TALLOC_FREE(hive);
    return err;
}
Example #12
0
BOOL login_cache_delentry(const struct samu *sampass)
{
	int ret;
	TDB_DATA keybuf;
	
	if (!login_cache_init()) 
		return False;	

	if (pdb_get_nt_username(sampass) == NULL) {
		return False;
	}

	keybuf.dptr = SMB_STRDUP(pdb_get_nt_username(sampass));
	if (!keybuf.dptr || !strlen(keybuf.dptr)) {
		SAFE_FREE(keybuf.dptr);
		return False;
	}
	keybuf.dsize = strlen(keybuf.dptr) + 1;
	DEBUG(9, ("About to delete entry for %s\n", keybuf.dptr));
	ret = tdb_delete(cache, keybuf);
	DEBUG(9, ("tdb_delete returned %d\n", ret));
	
	SAFE_FREE(keybuf.dptr);
	return ret == 0;
}
Example #13
0
static void name_map(char *OutName, BOOL need83, BOOL cache83, int default_case, int snum)
{
	smb_ucs2_t *OutName_ucs2;
	magic_char = lp_magicchar(snum);

	DEBUG(5,("name_map( %s, need83 = %s, cache83 = %s)\n", OutName,
		 need83 ? "True" : "False", cache83 ? "True" : "False"));
	
	if (push_ucs2_allocate(&OutName_ucs2, OutName) == (size_t)-1) {
		DEBUG(0, ("push_ucs2_allocate failed!\n"));
		return;
	}

	if( !need83 && !NT_STATUS_IS_OK(is_valid_name(OutName_ucs2, False, False)))
		need83 = True;

	/* check if it's already in 8.3 format */
	if (need83 && !NT_STATUS_IS_OK(is_8_3_w(OutName_ucs2, False))) {
		char *tmp = NULL; 

		/* mangle it into 8.3 */
		if (cache83)
			tmp = SMB_STRDUP(OutName);

		to_8_3(OutName, default_case);

		if(tmp != NULL) {
			cache_mangled_name(OutName, tmp);
			SAFE_FREE(tmp);
		}
	}

	DEBUG(5,("name_map() ==> [%s]\n", OutName));
	SAFE_FREE(OutName_ucs2);
}
Example #14
0
bool login_cache_delentry(const struct samu *sampass)
{
	int ret;
	char *keystr;
	
	if (!login_cache_init()) 
		return False;	

	if (pdb_get_nt_username(sampass) == NULL) {
		return False;
	}

	keystr = SMB_STRDUP(pdb_get_nt_username(sampass));
	if (!keystr || !keystr[0]) {
		SAFE_FREE(keystr);
		return False;
	}

	DEBUG(9, ("About to delete entry for %s\n", keystr));
	ret = tdb_delete_bystring(cache, keystr);
	DEBUG(9, ("tdb_delete returned %d\n", ret));
	
	SAFE_FREE(keystr);
	return ret == 0;
}
Example #15
0
static char *smb_pam_copy_fstring(const char *s)
{
	if (s[0] == '\0') {
		return NULL;
	}
	return SMB_STRDUP(s);
}
Example #16
0
static char *smb_pam_copy_string(const char *s)
{
	if (s == NULL) {
		return NULL;
	}
	return SMB_STRDUP(s);
}
Example #17
0
static NTSTATUS net_idmap_fixup_hwm(void)
{
	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
	TDB_CONTEXT *idmap_tdb;
	char *tdbfile = NULL;

	struct hwms hwms;
	struct hwms highest;

	if (!lp_idmap_uid(&hwms.user_hwm, &highest.user_hwm) ||
	    !lp_idmap_gid(&hwms.group_hwm, &highest.group_hwm)) {
		d_fprintf(stderr, "idmap range missing\n");
		return NT_STATUS_UNSUCCESSFUL;
	}

	tdbfile = SMB_STRDUP(lock_path("winbindd_idmap.tdb"));
	if (!tdbfile) {
		DEBUG(0, ("idmap_init: out of memory!\n"));
		return NT_STATUS_NO_MEMORY;
	}

	idmap_tdb = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDWR, 0);

	if (idmap_tdb == NULL) {
		d_fprintf(stderr, "Could not open idmap: %s\n", tdbfile);
		return NT_STATUS_NO_SUCH_FILE;
	}

	hwms.ok = True;

	tdb_traverse(idmap_tdb, net_idmap_find_max_id, &hwms);

	if (!hwms.ok) {
		goto done;
	}

	d_printf("USER HWM: %d  GROUP HWM: %d\n",
		 hwms.user_hwm, hwms.group_hwm);

	if (hwms.user_hwm >= highest.user_hwm) {
		d_fprintf(stderr, "Highest UID out of uid range\n");
		goto done;
	}

	if (hwms.group_hwm >= highest.group_hwm) {
		d_fprintf(stderr, "Highest GID out of gid range\n");
		goto done;
	}

	if ((tdb_store_int32(idmap_tdb, "USER HWM", (int32)hwms.user_hwm) != 0) ||
	    (tdb_store_int32(idmap_tdb, "GROUP HWM", (int32)hwms.group_hwm) != 0)) {
		d_fprintf(stderr, "Could not store HWMs\n");
		goto done;
	}

	result = NT_STATUS_OK;
 done:
	tdb_close(idmap_tdb);
	return result;
}
Example #18
0
static char *wbinfo_prompt_pass(const char *prefix,
				const char *username)
{
	char *prompt;
	const char *ret = NULL;

	prompt = talloc_asprintf(talloc_tos(), "Enter %s's ", username);
	if (!prompt) {
		return NULL;
	}
	if (prefix) {
		prompt = talloc_asprintf_append(prompt, "%s ", prefix);
		if (!prompt) {
			return NULL;
		}
	}
	prompt = talloc_asprintf_append(prompt, "password: ");
	if (!prompt) {
		return NULL;
	}

	ret = getpass(prompt);
	TALLOC_FREE(prompt);

	return SMB_STRDUP(ret);
}
Example #19
0
File: net.c Project: AllardJ/Tomato
NTSTATUS connect_to_ipc_krb5(struct cli_state **c,
			struct in_addr *server_ip, const char *server_name)
{
	NTSTATUS nt_status;
	char *user_and_realm = NULL;

	if (!opt_password && !opt_machine_pass) {
		char *pass = getpass("Password:"******"IPC$", "IPC",  
					user_and_realm, opt_workgroup,
					opt_password, CLI_FULL_CONNECTION_USE_KERBEROS, 
					Undefined, NULL);
	
	SAFE_FREE(user_and_realm);

	if (NT_STATUS_IS_OK(nt_status)) {
		return nt_status;
	} else {
		DEBUG(1,("Cannot connect to server using kerberos.  Error was %s\n", nt_errstr(nt_status)));
		return nt_status;
	}
}
Example #20
0
char *alloc_sub_specified(const char *input_string,
			const char *username,
			const char *domain,
			uid_t uid,
			gid_t gid)
{
	char *a_string, *ret_string;
	char *b, *p, *s;

	a_string = SMB_STRDUP(input_string);
	if (a_string == NULL) {
		DEBUG(0, ("alloc_sub_specified: Out of memory!\n"));
		return NULL;
	}
	
	for (b = s = a_string; (p = strchr_m(s, '%')); s = a_string + (p - b)) {
		
		b = a_string;
		
		switch (*(p+1)) {
		case 'U' : 
			a_string = realloc_string_sub(a_string, "%U", username);
			break;
		case 'u' : 
			a_string = realloc_string_sub(a_string, "%u", username);
			break;
		case 'G' :
			if (gid != -1) {
				a_string = realloc_string_sub(a_string, "%G", gidtoname(gid));
			} else {
				a_string = realloc_string_sub(a_string, "%G", "NO_GROUP");
			}
			break;
		case 'g' :
			if (gid != -1) {
				a_string = realloc_string_sub(a_string, "%g", gidtoname(gid));
			} else {
				a_string = realloc_string_sub(a_string, "%g", "NO_GROUP");
			}
			break;
		case 'D' :
			a_string = realloc_string_sub(a_string, "%D", domain);
			break;
		case 'N' : 
			a_string = realloc_string_sub(a_string, "%N", automount_server(username)); 
			break;
		default: 
			break;
		}

		p++;
		if (a_string == NULL) {
			return NULL;
		}
	}

	ret_string = alloc_sub_basic(username, a_string);
	SAFE_FREE(a_string);
	return ret_string;
}
Example #21
0
static char* trim_reg_path( const char *path )
{
	const char *p;
	uint16 key_len = strlen(KEY_SHARES);
	
	/* 
	 * sanity check...this really should never be True.
	 * It is only here to prevent us from accessing outside
	 * the path buffer in the extreme case.
	 */
	
	if ( strlen(path) < key_len ) {
		DEBUG(0,("trim_reg_path: Registry path too short! [%s]\n", path));
		return NULL;
	}
	
	
	p = path + strlen( KEY_SHARES );
	
	if ( *p == '\\' )
		p++;
	
	if ( *p )
		return SMB_STRDUP(p);
	else
		return NULL;
}
Example #22
0
static void add_cached_names(const char *name, uint32 stype, 
			     const char *comment, void *state)
{
	struct name_list **name_list = (struct name_list **)state;
	struct name_list *new_name;

	new_name = SMB_MALLOC_P(struct name_list);
	if (!new_name) return;

	ZERO_STRUCTP(new_name);

	new_name->name = SMB_STRDUP(name);
	new_name->stype = stype;
	new_name->comment = SMB_STRDUP(comment);

	DLIST_ADD(*name_list, new_name);
}
Example #23
0
/** Set the netbios name used for making connections */
void
smbc_setNetbiosName(SMBCCTX *c, char * netbios_name)
{
	SAFE_FREE(c->netbios_name);
	if (netbios_name) {
		c->netbios_name = SMB_STRDUP(netbios_name);
	}
}
Example #24
0
/** Set the workgroup used for making connections */
void
smbc_setWorkgroup(SMBCCTX *c, char * workgroup)
{
	SAFE_FREE(c->workgroup);
	if (workgroup) {
		c->workgroup = SMB_STRDUP(workgroup);
	}
}
Example #25
0
/* display SD */
void ads_disp_sd(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct security_descriptor *sd)
{
	int i;
	char *tmp_path = NULL;

	if (!sd) {
		return;
	}

	if (ads && !ads->config.schema_path) {
		if (ADS_ERR_OK(ads_schema_path(ads, mem_ctx, &tmp_path))) {
			ads->config.schema_path = SMB_STRDUP(tmp_path);
		}
	}

	if (ads && !ads->config.config_path) {
		if (ADS_ERR_OK(ads_config_path(ads, mem_ctx, &tmp_path))) {
			ads->config.config_path = SMB_STRDUP(tmp_path);
		}
	}

	printf("-------------- Security Descriptor (revision: %d, type: 0x%02x)\n", 
               sd->revision,
               sd->type);

	printf("owner SID: %s\n", sd->owner_sid ? 
		sid_string_talloc(mem_ctx, sd->owner_sid) : "(null)");
	printf("group SID: %s\n", sd->group_sid ?
		sid_string_talloc(mem_ctx, sd->group_sid) : "(null)");

	ads_disp_acl(sd->sacl, "system");
	if (sd->sacl) {
		for (i = 0; i < sd->sacl->num_aces; i ++) {
			ads_disp_ace(ads, mem_ctx, &sd->sacl->aces[i]);
		}
	}
	
	ads_disp_acl(sd->dacl, "user");
	if (sd->dacl) {
		for (i = 0; i < sd->dacl->num_aces; i ++) {
			ads_disp_ace(ads, mem_ctx, &sd->dacl->aces[i]);
		}
	}

	printf("-------------- End Of Security Descriptor\n");
}
Example #26
0
/** Set the username used for making connections */
void
smbc_setUser(SMBCCTX *c, char * user)
{
	SAFE_FREE(c->user);
	if (user) {
		c->user = SMB_STRDUP(user);
	}
}
static bool set_last_from_to(const char *from, const char *to)
{
	char *orig_from = last_from;
	char *orig_to = last_to;

	last_from = SMB_STRDUP(from);
	last_to = SMB_STRDUP(to);

	SAFE_FREE(orig_from);
	SAFE_FREE(orig_to);

	if (!last_from || !last_to) {
		SAFE_FREE(last_from);
		SAFE_FREE(last_to);
		return false;
	}
	return true;
}
Example #28
0
/*
 * get the name of the newest ticket cache for the uid user.
 * pam_krb5 defines a non default ticket cache for each user
 */
static
char * get_ticket_cache( uid_t uid )
{
  char *ticket_file = NULL;
  SMB_STRUCT_DIR *tcdir;                  /* directory where ticket caches are stored */
  SMB_STRUCT_DIRENT *dirent;   /* directory entry */
  char *filename = NULL;       /* holds file names on the tmp directory */
  SMB_STRUCT_STAT buf;        
  char user_cache_prefix[CC_MAX_FILE_LEN];
  char file_path[CC_MAX_FILE_PATH_LEN];
  time_t t = 0;

  snprintf(user_cache_prefix, CC_MAX_FILE_LEN, "%s%d", CC_PREFIX, uid );
  tcdir = sys_opendir( TICKET_CC_DIR );
  if ( tcdir == NULL ) 
    return NULL; 
  
  while ( (dirent = sys_readdir( tcdir ) ) ) 
  { 
    filename = dirent->d_name;
    snprintf(file_path, CC_MAX_FILE_PATH_LEN,"%s/%s", TICKET_CC_DIR, filename); 
    if (sys_stat(file_path, &buf) == 0 ) 
    {
      if ( ( buf.st_uid == uid ) && ( S_ISREG(buf.st_mode) ) ) 
      {
        /*
         * check the user id of the file to prevent denial of
         * service attacks by creating fake ticket caches for the 
         * user
         */
        if ( strstr( filename, user_cache_prefix ) ) 
        {
          if ( buf.st_mtime > t ) 
          { 
            /*
             * a newer ticket cache found 
             */
            free(ticket_file);
            ticket_file=SMB_STRDUP(file_path);
            t = buf.st_mtime;
          }
        }
      }
    }
  }

  sys_closedir(tcdir);

  if ( ticket_file == NULL )
  {
    /* no ticket cache found */
    fprintf(stderr, "ERROR: No ticket cache found for userid=%d\n", uid);
    return NULL;
  }

  return ticket_file;
}
Example #29
0
char *decrypt_trustdom_secret(const char *pass, DATA_BLOB *data_in)
{
	DATA_BLOB data_out, sess_key;
	uchar nt_hash[16];
	uint32_t length;
	uint32_t version;
	fstring cleartextpwd;

	if (!data_in || !pass)
		return NULL;

	/* generate md4 password-hash derived from the NT UNICODE password */
	E_md4hash(pass, nt_hash);

	/* hashed twice with md4 */
	mdfour(nt_hash, nt_hash, 16);

	/* 16-Byte session-key */
	sess_key = data_blob(nt_hash, 16);
	if (sess_key.data == NULL)
		return NULL;
	
	data_out = data_blob(NULL, data_in->length);
	if (data_out.data == NULL)
		return NULL;
	
	/* decrypt with des3 */
	sess_crypt_blob(&data_out, data_in, &sess_key, 0);

	/* 4 Byte length, 4 Byte version */
	length  = IVAL(data_out.data, 0);
	version = IVAL(data_out.data, 4);

	if (length > data_in->length - 8) {
		DEBUG(0,("decrypt_trustdom_secret: invalid length (%d)\n", length));
		return NULL;
	}
	
	if (version != 1) {
		DEBUG(0,("decrypt_trustdom_secret: unknown version number (%d)\n", version));
		return NULL;
	}
	
	rpcstr_pull(cleartextpwd, data_out.data + 8, sizeof(fstring), length, 0 );

#ifdef DEBUG_PASSWORD
	DEBUG(100,("decrypt_trustdom_secret: length is: %d, version is: %d, password is: %s\n", 
				length, version, cleartextpwd));
#endif

	data_blob_free(&data_out);
	data_blob_free(&sess_key);
	
	return SMB_STRDUP(cleartextpwd);

}
Example #30
0
static int readrcfile(const char *name, const struct poptOption long_options[])
{
	FILE *fd = fopen(name, "r");
	int lineno = 0, i;
	char var[101], val[101];
	char found;
	int *intdata; char **stringdata;
	if(!fd) {
		fprintf(stderr, "Can't open RC file %s\n", name);
		return 1;
	}

	while(!feof(fd)) {
		lineno++;
		if(fscanf(fd, "%100s %100s\n", var, val) < 2) {
			fprintf(stderr, "Can't parse line %d of %s, ignoring.\n", lineno, name);
			continue;
		}

		found = 0;

		for(i = 0; long_options[i].shortName; i++) {
			if(!long_options[i].longName)continue;
			if(strcmp(long_options[i].longName, var)) continue;
			if(!long_options[i].arg)continue;

			switch(long_options[i].argInfo) {
			case POPT_ARG_NONE:
				intdata = (int *)long_options[i].arg;
				if(!strcmp(val, "on")) *intdata = 1;
				else if(!strcmp(val, "off")) *intdata = 0;
				else fprintf(stderr, "Illegal value %s for %s at line %d in %s\n", val, var, lineno, name);
				break;
			case POPT_ARG_INT:
				intdata = (int *)long_options[i].arg;
				*intdata = atoi(val);
				break;
			case POPT_ARG_STRING:
				stringdata = (char **)long_options[i].arg;
				*stringdata = SMB_STRDUP(val);
				break;
			default:
				fprintf(stderr, "Invalid variable %s at line %d in %s\n", var, lineno, name);
				break;
			}

			found = 1;
		}
		if(!found) {
			fprintf(stderr, "Invalid variable %s at line %d in %s\n", var, lineno, name);
		}
	}

	fclose(fd);
	return 0;
}