Author: Carsten Hoeger <choeger at SuSE .de>, Lars Mueller <lmuelle at SuSE dot de>
Bug: bugzilla.Samba.org #1386
Summary: pdbedit lost password from stdin feature

Based on Samba 2.2 version made by Carsten Hoeger <choeger at suse dot de>.

--- samba-3.0.11rc1/source/utils/pdbedit.c
+++ samba-3.0.11rc1/source/utils/pdbedit.c	2004-08-24 11:34:07
@@ -418,17 +418,60 @@
 	return 0;
 }
 
+/*************************************************************
+ Utility function to prompt for passwords from stdin. Each
+ password entered must end with a newline.
+*************************************************************/
+static char *stdin_new_passwd(void)
+{
+	static fstring new_pw;
+	size_t len;
+
+	ZERO_ARRAY(new_pw);
+
+	/*
+	 * if no error is reported from fgets() and string at least contains
+	 * the newline that ends the password, then replace the newline with
+	 * a null terminator.
+	 */
+	if ( fgets(new_pw, sizeof(new_pw), stdin) != NULL) {
+		if ((len = strlen(new_pw)) > 0) {
+			if(new_pw[len-1] == '\n')
+				new_pw[len - 1] = 0; 
+		}
+	}
+	return(new_pw);
+}
+
+/*************************************************************
+ Utility function to get passwords via tty or stdin
+ Used if the '-t' option is set to silently get passwords
+ to enable scripting.
+ _copied_ from smbpasswd
+*************************************************************/
+static char *get_pass( char *prompt, BOOL stdin_get)
+{
+	char *p;
+	if (stdin_get) {
+		p = stdin_new_passwd();
+	} else {
+		p = getpass( prompt);
+	}
+	return smb_xstrdup( p);
+}
+
 /*********************************************************
  Add New User
 **********************************************************/
 static int new_user (struct pdb_context *in, const char *username,
 			const char *fullname, const char *homedir,
 			const char *drive, const char *script,
-			const char *profile, char *user_sid, char *group_sid)
+			const char *profile, char *user_sid, char *group_sid,
+			BOOL stdin_get)
 {
 	SAM_ACCOUNT *sam_pwent=NULL;
 	NTSTATUS nt_status;
-	char *password1, *password2, *staticpass;
+	char *password1, *password2;
 	
 	get_global_sam_sid();
 
@@ -437,12 +478,8 @@
 		return -1;
 	}
 
-	staticpass = getpass("new password:");
-	password1 = SMB_STRDUP(staticpass);
-	memset(staticpass, 0, strlen(staticpass));
-	staticpass = getpass("retype new password:");
-	password2 = SMB_STRDUP(staticpass);
-	memset(staticpass, 0, strlen(staticpass));
+	password1 = get_pass( "new password:", stdin_get);
+	password2 = get_pass( "retype new password:", stdin_get);
 	if (strcmp (password1, password2)) {
 		fprintf (stderr, "Passwords does not match!\n");
 		memset(password1, 0, strlen(password1));
@@ -662,6 +691,7 @@
 	static char *pwd_can_change_time = NULL;
 	static char *pwd_must_change_time = NULL;
 	static char *pwd_time_format = NULL;
+	BOOL pw_from_stdin = False;
 
 	struct pdb_context *bin;
 	struct pdb_context *bout;
@@ -697,6 +737,7 @@
 		{"pwd-can-change-time", 0, POPT_ARG_STRING, &pwd_can_change_time, 0, "Set password can change time (unix time if time format no provided)", NULL },
 		{"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password can change time (unix time if time format no provided)", NULL },
 		{"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The time format for time parameters", NULL },
+		{"password-from-stdin", 't', POPT_ARG_NONE, &pw_from_stdin, 0, "get password from standard in", NULL},
 		POPT_COMMON_SAMBA
 		POPT_TABLEEND
 	};
@@ -889,7 +930,8 @@
 			} else {
 				return new_user (bdef, user_name, full_name, home_dir, 
 						 home_drive, logon_script, 
-						 profile_path, user_sid, group_sid);
+						 profile_path, user_sid, group_sid,
+						 pw_from_stdin);
 			}
 		}
 
Nur in samba-3.0.4.new/source/utils: .pdbedit.c.swp.
--- samba-3.0.4/docs/manpages/pdbedit.8
+++ samba-3.0.4/docs/manpages/pdbedit.8	2004-05-26 20:08:56
@@ -24,7 +24,7 @@
 .ad l
 .hy 0
 .HP 8
-\fBpdbedit\fR [\-L] [\-v] [\-w] [\-u\ username] [\-f\ fullname] [\-h\ homedir] [\-D\ drive] [\-S\ script] [\-p\ profile] [\-a] [\-m] [\-r] [\-x] [\-i\ passdb\-backend] [\-e\ passdb\-backend] [\-b\ passdb\-backend] [\-g] [\-d\ debuglevel] [\-s\ configfile] [\-P\ account\-policy] [\-C\ value] [\-c\ account\-control]
+\fBpdbedit\fR [\-L] [\-v] [\-w] [\-u\ username] [\-f\ fullname] [\-h\ homedir] [\-D\ drive] [\-S\ script] [\-p\ profile] [\-a] [\-m] [\-r] [\-x] [\-i\ passdb\-backend] [\-t] [\-e\ passdb\-backend] [\-b\ passdb\-backend] [\-g] [\-d\ debuglevel] [\-s\ configfile] [\-P\ account\-policy] [\-C\ value] [\-c\ account\-control]
 .ad
 .hy
 
@@ -309,6 +309,13 @@
 \-l|\-\-logfile=logdirectory
 Base directory name for log/debug files\&. The extension \fB"\&.progname"\fR will be appended (e\&.g\&. log\&.smbclient, log\&.smbd, etc\&.\&.\&.)\&. The log file is never removed by the client\&.
 
+.TP
+\-t|\-\-password-from-stdin
+This option causes pdbedit to read the password
+from standard input, rather than from /dev/tty.
+
+Example: echo -e "secret\\nsecret\\n" | pdbedit -a -t -u sorce
+
 .SH "NOTES"
 
 .PP