The Samba-Bugzilla – Attachment 4238 Details for
Bug 6411
changing user-password to one containing special characters does not work
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
fix for samba 3.0.34 now also works for %n in old password
samba-3.0.34-fix-chgpasswd-token-handling.diff (text/plain), 5.69 KB, created by
Carsten Dumke
on 2009-06-02 10:04:02 UTC
(
hide
)
Description:
fix for samba 3.0.34 now also works for %n in old password
Filename:
MIME Type:
Creator:
Carsten Dumke
Created:
2009-06-02 10:04:02 UTC
Size:
5.69 KB
patch
obsolete
>diff -Nurbd samba-3.0.34.orig/source/smbd/chgpasswd.c samba-3.0.34/source/smbd/chgpasswd.c >--- samba-3.0.34.orig/source/smbd/chgpasswd.c 2009-01-19 11:40:09.000000000 +0100 >+++ samba-3.0.34/source/smbd/chgpasswd.c 2009-05-29 16:57:39.000000000 +0200 >@@ -236,18 +236,126 @@ > return (True); > } > >-static int expect(int master, char *issue, char *expected) >+static char *expand_pass_pattern(char *target, size_t target_len, >+ const char *source, >+ const char *pattern_old_pass, >+ const char *old_pass, >+ const char *pattern_new_pass, >+ const char *new_pass) >+{ >+ size_t chars_to_copy = 0; >+ size_t skip_source_chars = 0; >+ size_t old_pass_len = 0; >+ size_t new_pass_len = 0; >+ size_t pattern_old_pass_len = 0; >+ size_t pattern_new_pass_len = 0; >+ char *target_start = target; >+ char *pattern_starter_found; >+ char pattern_starter = '\0'; >+ char empty[] = ""; >+ const char *chars_source; >+ >+ if ((target == NULL) || (target_len == 0)) { >+ return target; >+ } >+ if (source == NULL) { >+ source = empty; >+ } >+ if (pattern_old_pass != NULL) { >+ pattern_old_pass_len = strlen(pattern_old_pass); >+ pattern_starter = *pattern_old_pass; >+ } >+ if (pattern_new_pass != NULL) { >+ pattern_new_pass_len = strlen(pattern_new_pass); >+ pattern_starter = *pattern_new_pass; >+ } >+ if (old_pass != NULL) { >+ old_pass_len = strlen(old_pass); >+ } >+ else { >+ old_pass = empty; >+ } >+ if (new_pass != NULL) { >+ new_pass_len = strlen(new_pass); >+ } >+ else { >+ new_pass = empty; >+ } >+ >+ if (target_len > 0) { >+ /* leave room for string-terminator */ >+ target_len--; >+ } >+ >+ while ((*source) && (target_len > 0)) { >+ /* find possible start of pattern in source */ >+ pattern_starter_found = strchr(source, pattern_starter); >+ chars_source = source; >+ if (pattern_starter_found == NULL) { >+ /* pattern not found - copy whole source */ >+ chars_to_copy = strlen(source); >+ } >+ else { >+ chars_to_copy = pattern_starter_found - source; >+ } >+ skip_source_chars = chars_to_copy; >+ >+ if (chars_to_copy == 0) { >+ /* current source char may start a pattern */ >+ if ((pattern_old_pass) && (*pattern_old_pass) >+ && (strncmp(source, pattern_old_pass, >+ pattern_old_pass_len) == 0)) { >+ /* insert old password */ >+ chars_source = old_pass; >+ chars_to_copy = old_pass_len; >+ skip_source_chars = pattern_old_pass_len; >+ } >+ else if ((pattern_new_pass) && (*pattern_new_pass) >+ && (strncmp(source, pattern_new_pass, >+ pattern_new_pass_len) == 0)) { >+ /* insert new password */ >+ chars_source = new_pass; >+ chars_to_copy = new_pass_len; >+ skip_source_chars = pattern_new_pass_len; >+ } >+ else { >+ /* no pattern matched - copy char to target */ >+ chars_to_copy = 1; >+ skip_source_chars = chars_to_copy; >+ } >+ } >+ chars_to_copy = MIN(chars_to_copy, target_len); >+ strncpy(target, chars_source, chars_to_copy); >+ >+ target_len -= chars_to_copy; >+ target += chars_to_copy; >+ source += skip_source_chars; >+ } >+ /* terminate target */ >+ *target = '\0'; >+ return target_start; >+} >+ >+static int expect(int master, char *issue, char *expected, >+ const char *oldpass, const char *newpass) > { > pstring buffer; >+ pstring issue_password; >+ size_t issue_password_len; > int attempts, timeout, nread, len; > BOOL match = False; > >+ /* replace placeholder by password */ >+ expand_pass_pattern(issue_password, sizeof(pstring), issue, >+ "%o", oldpass, "%n", newpass); >+ issue_password_len = strlen(issue_password); >+ > for (attempts = 0; attempts < 2; attempts++) { > if (!strequal(issue, ".")) { > if (lp_passwd_chat_debug()) >- DEBUG(100, ("expect: sending [%s]\n", issue)); >+ DEBUG(100, ("expect: sending [%s]\n", issue_password)); > >- if ((len = sys_write(master, issue, strlen(issue))) != strlen(issue)) { >+ if ((len = sys_write(master, issue_password, issue_password_len)) != issue_password_len) { > DEBUG(2,("expect: (short) write returned %d\n", len )); > return False; > } >@@ -305,7 +413,8 @@ > all_string_sub(buf, "\\t", "\t", 0); > } > >-static int talktochild(int master, const char *seq) >+static int talktochild(int master, const char *seq, >+ const char *oldpass, const char *newpass) > { > int count = 0; > fstring issue, expected; >@@ -317,7 +426,7 @@ > pwd_sub(expected); > count++; > >- if (!expect(master, issue, expected)) >+ if (!expect(master, issue, expected, oldpass, newpass)) > { > DEBUG(3, ("Response %d incorrect\n", count)); > return False; >@@ -331,7 +440,7 @@ > if (!strequal(issue, ".")) { > /* we have one final issue to send */ > fstrcpy(expected, "."); >- if (!expect(master, issue, expected)) >+ if (!expect(master, issue, expected, oldpass, newpass)) > return False; > } > >@@ -339,7 +448,8 @@ > } > > static BOOL chat_with_program(char *passwordprogram, const struct passwd *pass, >- char *chatsequence, BOOL as_root) >+ char *chatsequence, BOOL as_root, >+ const char *oldpass, const char *newpass) > { > char *slavedev; > int master; >@@ -374,7 +484,7 @@ > > /* we now have a pty */ > if (pid > 0) { /* This is the parent process */ >- if ((chstat = talktochild(master, chatsequence)) == False) { >+ if ((chstat = talktochild(master, chatsequence, oldpass, newpass)) == False) { > DEBUG(3, ("chat_with_program: Child failed to change password: %s\n", pass->pw_name)); > kill(pid, SIGKILL); /* be sure to end this process */ > } >@@ -563,10 +673,8 @@ > a new password containing shell escape characters */ > > pstring_sub(chatsequence, "%u", name); >- all_string_sub(chatsequence, "%o", oldpass, sizeof(pstring)); >- all_string_sub(chatsequence, "%n", newpass, sizeof(pstring)); > return (chat_with_program >- (passwordprogram, pass, chatsequence, as_root)); >+ (passwordprogram, pass, chatsequence, as_root, oldpass, newpass)); > } > > #else /* ALLOW_CHANGE_PASSWORD */
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 6411
:
4208
|
4213
| 4238 |
4239
|
5255
|
5797
|
5799