php-horde-passwd 5.0.2-3+deb8u1 / usr / share / horde / passwd / lib / Driver / Pspasswd.php

This file is indexed.

/usr/share/horde/passwd/lib/Driver/Pspasswd.php is in php-horde-passwd 5.0.2-3+deb8u1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
<?php
/**
 * Copyright 2004-2014 Horde LLC (http://www.horde.org/)
 *
 * See the enclosed file COPYING for license information (GPL). If you
 * did not receive this file, see http://www.horde.org/licenses/gpl.
 *
 * @category  Horde
 * @copyright 2004-2014 Horde LLC
 * @license   http://www.horde.org/licenses/gpl GPL
 * @package   Passwd
 */

/**
 * The PSPasswd class changes a user's password on any Windows Machine
 * (NT+) using the pspasswd free utility available at Sysinternals
 * website: http://www.sysinternals.com/ntw2k/freeware/pspasswd.shtml
 *
 * IMPORTANT!
 *
 * This driver should be used only as a last resort when there's no
 * possibility of using the ADSI or LDAP drivers, which are far more
 * secure and fast. This driver needs administrative credentials
 * exposed on the backends.php file, which is required by the
 * pspasswd.exe tool. It's an alternative driver that should be
 * avoided, but could also be the only option for a few scenarios.
 * (eg: When you don't have ADSI or LDAP support)
 *
 * Sample backend configuration:
 * <code>
 * $backends['pspasswd'] = array(
 *   'name' => 'Sample pspasswd backend',
 *   'preferred' => 'localhost',
 *   'policy' => array(
 *       'minLength' => 8,
 *       'maxLength' => 14
 *   ),
 *   'driver' => 'pspasswd',
 *   'params' => array(
 *		 'server' => 'YOUR_SERVER_NAME',
 *		 'bin' => 'DRIVE:\\DIR\\pspasswd.exe', // Notice: "\\"
 *		 'admusr' => 'Administrator',
 *	  	 'admpwd' => 'Password',
 *       'domain' => 'YOUR_DOMAIN_NAME'
 *   )
 * );
 * </code>
 *
 * Backend parameters:<pre>
 * server	= Machine where you want to change the password (Required)
 * bin		= Full pathname of the pspasswd.exe program (Required)
 * admusr	= User with administrative privileges (Required)
 * admpwd	= Password of the administrative user (Required)
 * domain	= Windows domain name (Optional)
 * </pre>
 *
 * For example: Passing a NT4 PDC server name to the server parameter
 * means you can change the user's password on that NT4 Domain.
 *
 * Special thanks to Mark Russinovich (mark@sysinternals.com) for the
 * tool and helping me solve some questions about it.
 *
 * @author    Luiz R Malheiros (malheiros@gmail.com)
 * @category  Horde
 * @copyright 2000-2014 Horde LLC
 * @license   http://www.horde.org/licenses/gpl GPL
 * @package   Passwd
 */
class Passwd_Driver_Pspasswd extends Passwd_Driver
{
    /**
     */
    public function __construct(array $params = array())
    {
        if (empty($params['server']) ||
            empty($params['bin']) ||
            empty($params['admusr']) ||
            empty($params['admpwd'])) {
            throw new Passwd_Exception(_("Password module is missing required parameters."));
        }

        if (!file_exists($params['bin'])) {
            throw new Passwd_Exception(_("Password module can't find the supplied bin."));
        }

        parent::__construct($params);
    }

    /**
     */
    protected function _changePassword($user, $oldpass, $newpass)
    {
        $server = $this->_params['server'];
        $chpwd_adm = $this->_params['admusr'];
        $chpwd_usr = $user;

        if (!empty($this->_params['domain'])) {
            $chpwd_adm = $this->_params['domain'] . "\\" . $chpwd_adm;
            $chpwd_usr = $this->_params['domain'] . "\\" . $chpwd_usr_name;
        }

        exec('NET USE \\\\' . $server . '\\IPC$ /D >NUL 2>NUL');

        $cmdline = 'NET USE \\\\' . $server . '\\IPC$ "' . $oldpass
            . '" /USER:' . $chpwd_usr;
        exec($cmdline, $cmdreply, $retval);

        if (strpos(implode(' ', $cmdreply), 'The command completed successfully.') === false) {
            throw new Passwd_Exception(_("Failed to verify old password."));
        }

        exec('NET USE \\\\' . $server . '\\IPC$ /D >NUL 2>NUL');

        $cmdline = $this->_params['bin'] . ' \\\\' . $server . ' -u ' . $chpwd_adm . ' -p ' . $this->_params['admpwd'] . ' ' . $user. ' ' . $newpass;
        exec($cmdline, $cmdreply, $retval);
        exec('NET USE \\\\' . $server . '\\IPC$ /D >NUL 2>NUL');

        if (strpos(implode(' ', $cmdreply), 'Password for ' . $server . '\\' . $user. ' successfully changed.') === false) {
            throw new Passwd_Exception(_("Access Denied."));
        }
    }

}

APT Browse - Built by Thomas Orozco.