diff options
author | Jeremy Allison <jra@samba.org> | 1998-03-19 20:06:47 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 1998-03-19 20:06:47 +0000 |
commit | 7abbf368f908cacdb2978e33069e49755e54faa8 (patch) | |
tree | b723cf86b9d578b80691dc76e8bdd8d77e16e285 /source3/smbd/chgpasswd.c | |
parent | da050244c305c1e03e2f3fb2ac02f6bc93ad47ca (diff) | |
download | samba-7abbf368f908cacdb2978e33069e49755e54faa8.tar.gz samba-7abbf368f908cacdb2978e33069e49755e54faa8.tar.xz samba-7abbf368f908cacdb2978e33069e49755e54faa8.zip |
Adding the same changes to HEAD as were added to BRANCH_1_9_18.
Changed smbpasswd to be client-server for a normal user, rather
than accessing the private/smbpasswd file directly (it still accesses
this file directly when run as root, so root can add users/change a
users password without knowing the old password).
A shakeout of this change is that smbpasswd can now be used to
change a users password on a remote NT machine (yep - you heard
that one right - we can now change a NT password from UNIX !!!!!).
Jeremy.
(This used to be commit 20770b6f1c25288e90d3e0d215afa7f0809ce124)
Diffstat (limited to 'source3/smbd/chgpasswd.c')
-rw-r--r-- | source3/smbd/chgpasswd.c | 29 |
1 files changed, 24 insertions, 5 deletions
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 57d81ad756d..779845d37ae 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -408,6 +408,7 @@ BOOL check_lanman_password(char *user, unsigned char *pass1, { unsigned char unenc_new_pw[16]; unsigned char unenc_old_pw[16]; + unsigned char null_pw[16]; struct smb_passwd *smbpw; *psmbpw = NULL; @@ -428,8 +429,13 @@ BOOL check_lanman_password(char *user, unsigned char *pass1, return False; } - if(smbpw->smb_passwd == NULL) + if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) { + unsigned char no_pw[14]; + memset(no_pw, '\0', 14); + E_P16((uchar *)no_pw, (uchar *)null_pw); + smbpw->smb_passwd = null_pw; + } else if (smbpw->smb_passwd == NULL) { DEBUG(0,("check_lanman_password: no lanman password !\n")); return False; } @@ -460,6 +466,7 @@ BOOL check_lanman_password(char *user, unsigned char *pass1, BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsigned char *pass2) { unsigned char unenc_new_pw[16]; + unsigned char null_pw[16]; BOOL ret; if(smbpw == NULL) @@ -474,8 +481,13 @@ BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsi return False; } - if(smbpw->smb_passwd == NULL) + if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) { + unsigned char no_pw[14]; + memset(no_pw, '\0', 14); + E_P16((uchar *)no_pw, (uchar *)null_pw); + smbpw->smb_passwd = null_pw; + } else if (smbpw->smb_passwd == NULL) { DEBUG(0,("change_lanman_password: no lanman password !\n")); return False; } @@ -507,6 +519,7 @@ BOOL check_oem_password(char *user, unsigned char *data, fstring upper_case_new_passwd; unsigned char new_p16[16]; unsigned char unenc_old_pw[16]; + unsigned char null_pw[16]; become_root(0); *psmbpw = smbpw = get_smbpwd_entry(user, 0); @@ -524,8 +537,13 @@ BOOL check_oem_password(char *user, unsigned char *data, return False; } - if(smbpw->smb_passwd == NULL) + if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ)) { + unsigned char no_pw[14]; + memset(no_pw, '\0', 14); + E_P16((uchar *)no_pw, (uchar *)null_pw); + smbpw->smb_passwd = null_pw; + } else if (smbpw->smb_passwd == NULL) { DEBUG(0,("check_oem_password: no lanman password !\n")); return False; } @@ -533,7 +551,7 @@ BOOL check_oem_password(char *user, unsigned char *data, /* * Call the hash function to get the new password. */ - SamOEMhash( (unsigned char *)data, (unsigned char *)smbpw->smb_passwd); + SamOEMhash( (unsigned char *)data, (unsigned char *)smbpw->smb_passwd, True); /* * The length of the new password is in the last 4 bytes of @@ -541,7 +559,7 @@ BOOL check_oem_password(char *user, unsigned char *data, */ new_pw_len = IVAL(data,512); if(new_pw_len < 0 || new_pw_len > new_passwd_size - 1) { - DEBUG(0,("check_oem_password: incorrect password length.\n")); + DEBUG(0,("check_oem_password: incorrect password length (%d).\n", new_pw_len)); return False; } @@ -587,6 +605,7 @@ BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd) unsigned char new_nt_p16[16]; unsigned char new_p16[16]; + memset(upper_case_new_passwd, '\0', sizeof(upper_case_new_passwd)); fstrcpy(upper_case_new_passwd, new_passwd); strupper(upper_case_new_passwd); |