summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2008-07-23 13:31:14 +0200
committerStefan Metzmacher <metze@samba.org>2008-07-23 14:46:08 +0200
commitfbea02accfa8f92d84d0f2cb17847dac1519aa87 (patch)
tree16549659f5da950ee005887d82f0e4bb9cfeef70
parentecdd13389fd1b262024fe663a57da11f8a84e239 (diff)
downloadsamba-fbea02accfa8f92d84d0f2cb17847dac1519aa87.tar.gz
samba-fbea02accfa8f92d84d0f2cb17847dac1519aa87.tar.bz2
samba-fbea02accfa8f92d84d0f2cb17847dac1519aa87.zip
password_hash: check the SUPPLEMENTAL_CREDENTIALS_SIGNATURE
metze (This used to be commit 19b8c8e37bafab050ab61266c35006efada2947c)
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c13
1 files changed, 11 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index e149009948..59ec18e546 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -876,7 +876,9 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
/* if there's an old supplementaCredentials blob then parse it */
if (io->o.supplemental) {
- ndr_err = ndr_pull_struct_blob_all(io->o.supplemental, io->ac, lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), &_old_scb,
+ ndr_err = ndr_pull_struct_blob_all(io->o.supplemental, io->ac,
+ lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")),
+ &_old_scb,
(ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob);
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
NTSTATUS status = ndr_map_error2ntstatus(ndr_err);
@@ -887,7 +889,14 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
return LDB_ERR_OPERATIONS_ERROR;
}
- old_scb = &_old_scb;
+ if (_old_scb.sub.signature == SUPPLEMENTAL_CREDENTIALS_SIGNATURE) {
+ old_scb = &_old_scb;
+ } else {
+ ldb_debug(io->ac->module->ldb, LDB_DEBUG_ERROR,
+ "setup_supplemental_field: "
+ "supplementalCredentialsBlob signature[0x%04X] expected[0x%04X]",
+ _old_scb.sub.signature, SUPPLEMENTAL_CREDENTIALS_SIGNATURE);
+ }
}
if (io->domain->store_cleartext &&