/***************************************************************
 smb_passwd_table

 Turn the configured smb passwd file setting into a NIS+ table name.

 Any leading directory part is dropped first, so a samba private
 dir can be configured AND a NIS+ table still be used. If what is
 left is a plain table name (no '.' in it), ".org_dir" is appended,
 since all domain related data is normally stored in org_dir.DOMAIN.
 The full name is assembled in the static buffer pfiletmp.

 Returns either a pointer into the string handed back by
 lp_smb_passwd_file() or a pointer to the function's static buffer;
 the static buffer is overwritten by the next call that appends the
 suffix, and the caller must not free either pointer.
****************************************************************/
static char *smb_passwd_table()
{
	static pstring pfiletmp;
	char *table = lp_smb_passwd_file();
	char *last_slash;

	/* NULL or empty setting: pass it on untouched, nothing is appended */
	if (table == NULL || *table == '\0') {
		return table;
	}

	/* drop the path prefix, keep only the last component */
	last_slash = strrchr(table, '/');
	if (last_slash != NULL) {
		table = last_slash + 1;
	}

	/* a name that already contains a '.' is taken to be fully qualified */
	if (strchr(table, '.') != NULL) {
		return table;
	}

	/*
	 * Plain table name: append org_dir, because the NIS_PATH env may
	 * not be set (the original author asks whether that should be
	 * checked first).
	 * NOTE(review): a setting that ends in '/' leaves an empty name
	 * here and produces ".org_dir" - confirm that is acceptable.
	 */
	slprintf(pfiletmp, sizeof(pfiletmp) - 1, "%s.org_dir", table);
	return pfiletmp;
}
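/*
 * Build the path of the trust account file for a domain / machine pair.
 *
 * The directory part of lp_smb_passwd_file() (up to and including the last
 * '/') is kept and "<domain>.<name>.mac" is appended to it. If the setting
 * contains no '/', nothing is stripped and the name is appended directly.
 *
 * domain, name: file name components, copied in unchanged.
 *               NOTE(review): neither is checked for '/' here; confirm that
 *               callers validate them before they reach this path.
 * mac_file:     output buffer. The length check is made against
 *               sizeof(pstring), so a pstring-sized buffer is assumed -
 *               TODO confirm at call sites.
 *
 * When the result would not fit, a level 0 debug message is written and the
 * function returns with mac_file holding only the directory prefix. There is
 * no return value, so callers cannot tell this case from success other than
 * by inspecting mac_file.
 */
static void get_trust_account_file_name( char *domain, char *name, char *mac_file)
{
	size_t dir_len;
	size_t needed;
	char *slash;

	pstrcpy(mac_file, lp_smb_passwd_file());

	/* cut the file name off, keeping the trailing '/' */
	slash = strrchr(mac_file, '/');
	if (slash != NULL) {
		*++slash = '\0';
	}

	dir_len = strlen(mac_file);

	/*
	 * Bytes needed for the finished string: 6 covers the '.' separator,
	 * the ".mac" suffix and the terminating NUL. The sum is compared in
	 * size_t instead of subtracting unsigned lengths and casting the
	 * result to int, which depended on how an out-of-range value is
	 * converted.
	 */
	needed = dir_len + strlen(domain) + strlen(name) + 6;

	if (needed > sizeof(pstring)) {
		DEBUG(0,("trust_password_lock: path %s too long to add trust details.\n", mac_file));
		return;
	}

	pstrcat(mac_file, domain);
	pstrcat(mac_file, ".");
	pstrcat(mac_file, name);
	pstrcat(mac_file, ".mac");
}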
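/*
 * Provide a source of randomness: either a descriptor for /dev/urandom or a
 * freshly seeded ARC4 state.
 *
 * use_fd: when true, prefer /dev/urandom.
 * fd:     descriptor already held by the caller, or -1.
 *
 * Returns fd unchanged if use_fd is set and fd is not -1, or a newly opened
 * descriptor for /dev/urandom if that open succeeds. Otherwise returns -1
 * after seeding smb_arc4_state from the fallback material below.
 *
 * NOTE(review): a failed open of /dev/urandom is not reported, so a process
 * running on the fallback seed (file hashes, root's password field, time,
 * pid, counter) is not visible in the logs; consider a debug message.
 */
static int do_reseed(bool use_fd, int fd)
{
	/*
	 * Zeroed so that every byte mixed in below has a defined value even
	 * if a helper leaves its part untouched. Bytes 32..39 are read with
	 * IVAL() before anything else in this function stores to them.
	 */
	unsigned char seed_inbuf[40] = {0};
	uint32 v1, v2;
	struct timeval tval;
	pid_t mypid;
	struct passwd *pw;
	int reseed_data = 0;

	if (use_fd) {
		if (fd != -1) {
			return fd;
		}
		fd = sys_open( "/dev/urandom", O_RDONLY,0);
		if (fd >= 0) {
			return fd;
		}
	}

	/*
	 * Add in some secret file contents.
	 * do_filehash presumably writes a 16 byte digest at the given
	 * offset - confirm against its definition.
	 */
	do_filehash("/etc/shadow", &seed_inbuf[0]);
	do_filehash(lp_smb_passwd_file(), &seed_inbuf[16]);

	/*
	 * Add in the root encrypted password.
	 * On any system where security is taken
	 * seriously this will be secret.
	 */
	pw = getpwnam_alloc(talloc_autofree_context(), "root");
	if (pw != NULL) {
		if (pw->pw_passwd != NULL) {
			size_t i;
			unsigned char md4_tmp[16];

			mdfour(md4_tmp, (unsigned char *)pw->pw_passwd, strlen(pw->pw_passwd));
			/* XOR over bytes 8..23, straddling both file hashes */
			for (i = 0; i < 16; i++) {
				seed_inbuf[8+i] ^= md4_tmp[i];
			}
		}
		/* release the entry whether or not it carried a password field */
		TALLOC_FREE(pw);
	}

	/*
	 * Add the counter, time of day, and pid.
	 */
	GetTimeOfDay(&tval);
	mypid = sys_getpid();
	v1 = (counter++) + mypid + tval.tv_sec;
	v2 = (counter++) * mypid + tval.tv_usec;

	SIVAL(seed_inbuf, 32, v1 ^ IVAL(seed_inbuf, 32));
	SIVAL(seed_inbuf, 36, v2 ^ IVAL(seed_inbuf, 36));

	/*
	 * Add any user-given reseed data. A value of 0 is treated as
	 * "nothing supplied" and skipped.
	 */
	get_rand_reseed_data(&reseed_data);
	if (reseed_data) {
		size_t i;

		for (i = 0; i < sizeof(seed_inbuf); i++) {
			seed_inbuf[i] ^= ((char *)(&reseed_data))[i % sizeof(reseed_data)];
		}
	}

	/*
	 * NOTE(review): seed_inbuf (and md4_tmp above) still hold the seed
	 * material when this function returns; consider wiping them with a
	 * clear the compiler cannot elide.
	 */
	smb_arc4_init(smb_arc4_state, seed_inbuf, sizeof(seed_inbuf));

	return -1;
}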
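/*
 * Provide a source of randomness: either a descriptor for /dev/urandom or a
 * freshly seeded random stream.
 *
 * use_fd: when true, prefer /dev/urandom.
 * fd:     descriptor already held by the caller, or -1.
 *
 * Returns fd unchanged if use_fd is set and fd is not -1, or a newly opened
 * descriptor for /dev/urandom if that open succeeds. Otherwise returns -1
 * after calling seed_random_stream() with the fallback material below.
 *
 * NOTE(review): a failed open of /dev/urandom is not reported, so a process
 * running on the fallback seed (file hashes, root's password field, time,
 * pid, counter) is not visible in the logs; consider a debug message.
 */
static int do_reseed(BOOL use_fd, int fd)
{
	unsigned char seed_inbuf[40];
	uint32 v1, v2;
	struct timeval tval;
	pid_t mypid;
	struct passwd *pw;

	if (use_fd) {
		if (fd != -1) {
			return fd;
		}
		fd = sys_open( "/dev/urandom", O_RDONLY,0);
		if (fd >= 0) {
			return fd;
		}
	}

	/*
	 * Cleared on every build, not only under __INSURE__: bytes 32..39
	 * are read with IVAL() before anything else in this function stores
	 * to them, and the XOR steps below read whatever the helpers left.
	 */
	memset(seed_inbuf, '\0', sizeof(seed_inbuf));

	/*
	 * Add in some secret file contents.
	 * do_filehash presumably writes a 16 byte digest at the given
	 * offset - confirm against its definition.
	 */
	do_filehash("/etc/shadow", &seed_inbuf[0]);
#ifdef WITH_TDB_SAM
	do_filehash(lp_tdb_passwd_file(), &seed_inbuf[16]);
#else
	do_filehash(lp_smb_passwd_file(), &seed_inbuf[16]);
#endif

	/*
	 * Add in the root encrypted password.
	 * On any system where security is taken
	 * seriously this will be secret.
	 */
	pw = sys_getpwnam("root");
	if (pw && pw->pw_passwd) {
		size_t i;
		unsigned char md4_tmp[16];

		mdfour(md4_tmp, (unsigned char *)pw->pw_passwd, strlen(pw->pw_passwd));
		/* XOR over bytes 8..23, straddling both file hashes */
		for (i = 0; i < 16; i++) {
			seed_inbuf[8+i] ^= md4_tmp[i];
		}
	}

	/*
	 * Add the counter, time of day, and pid.
	 */
	GetTimeOfDay(&tval);
	mypid = sys_getpid();
	v1 = (counter++) + mypid + tval.tv_sec;
	v2 = (counter++) * mypid + tval.tv_usec;

	SIVAL(seed_inbuf, 32, v1 ^ IVAL(seed_inbuf, 32));
	SIVAL(seed_inbuf, 36, v2 ^ IVAL(seed_inbuf, 36));

	/*
	 * Add any user-given reseed data. The size is checked as well as
	 * the pointer, because a zero size would make the modulo below a
	 * division by zero.
	 */
	if (reseed_data && reseed_data_size > 0) {
		size_t i;

		for (i = 0; i < sizeof(seed_inbuf); i++) {
			seed_inbuf[i] ^= reseed_data[i % reseed_data_size];
		}
	}

	/*
	 * NOTE(review): seed_inbuf (and md4_tmp above) still hold the seed
	 * material when this function returns; consider wiping them with a
	 * clear the compiler cannot elide.
	 */
	seed_random_stream(seed_inbuf, sizeof(seed_inbuf));

	return -1;
}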