static bool SetAccountLockExpiration(const char *puser, bool lock) { if (!PlatformSupportsExpirationLock()) { return true; } char cmd[CF_BUFSIZE + strlen(puser)]; strcpy (cmd, USERMOD); StringAppend(cmd, " -e \"", sizeof(cmd)); if (lock) { StringAppend(cmd, GetPlatformSpecificExpirationDate(), sizeof(cmd)); } StringAppend(cmd, "\" ", sizeof(cmd)); StringAppend(cmd, puser, sizeof(cmd)); Log(LOG_LEVEL_VERBOSE, "%s user '%s' by setting expiry date. (command: '%s')", lock ? "Locking" : "Unlocking", puser, cmd); int status; status = system(cmd); if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { Log(LOG_LEVEL_ERR, "Command returned error while %s user '%s'. (Command line: '%s')", lock ? "locking" : "unlocking", puser, cmd); return false; } return true; }
static bool SetAccountLocked(const char *puser, const char *hash, bool lock) { char cmd[CF_BUFSIZE + strlen(hash)]; strcpy (cmd, USERMOD); StringAppend(cmd, " -e \"", sizeof(cmd)); if (lock) { if (hash[0] != '!') { char new_hash[strlen(hash) + 2]; sprintf(new_hash, "!%s", hash); if (!ChangePassword(puser, new_hash, PASSWORD_FORMAT_HASH)) { return false; } } StringAppend(cmd, GetPlatformSpecificExpirationDate(), sizeof(cmd)); } else { // Important to check. Password may already have been changed if that was also // specified in the policy. if (hash[0] == '!') { if (!ChangePassword(puser, &hash[1], PASSWORD_FORMAT_HASH)) { return false; } } } StringAppend(cmd, "\" ", sizeof(cmd)); StringAppend(cmd, puser, sizeof(cmd)); Log(LOG_LEVEL_VERBOSE, "%s user '%s' by setting expiry date. (command: '%s')", lock ? "Locking" : "Unlocking", puser, cmd); int status; status = system(cmd); if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { Log(LOG_LEVEL_ERR, "Command returned error while %s user '%s'. (Command line: '%s')", lock ? "locking" : "unlocking", puser, cmd); return false; } return true; }