diff options
author | Stefan Metzmacher <metze@samba.org> | 2008-07-23 13:31:14 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2008-07-23 14:46:08 +0200 |
commit | fbea02accfa8f92d84d0f2cb17847dac1519aa87 (patch) | |
tree | 16549659f5da950ee005887d82f0e4bb9cfeef70 | |
parent | ecdd13389fd1b262024fe663a57da11f8a84e239 (diff) | |
download | samba-fbea02accfa8f92d84d0f2cb17847dac1519aa87.tar.gz samba-fbea02accfa8f92d84d0f2cb17847dac1519aa87.tar.bz2 samba-fbea02accfa8f92d84d0f2cb17847dac1519aa87.zip |
password_hash: check the SUPPLEMENTAL_CREDENTIALS_SIGNATURE
metze
(This used to be commit 19b8c8e37bafab050ab61266c35006efada2947c)
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/password_hash.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index e149009948..59ec18e546 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -876,7 +876,9 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) /* if there's an old supplementaCredentials blob then parse it */ if (io->o.supplemental) { - ndr_err = ndr_pull_struct_blob_all(io->o.supplemental, io->ac, lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), &_old_scb, + ndr_err = ndr_pull_struct_blob_all(io->o.supplemental, io->ac, + lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), + &_old_scb, (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { NTSTATUS status = ndr_map_error2ntstatus(ndr_err); @@ -887,7 +889,14 @@ static int setup_supplemental_field(struct setup_password_fields_io *io) return LDB_ERR_OPERATIONS_ERROR; } - old_scb = &_old_scb; + if (_old_scb.sub.signature == SUPPLEMENTAL_CREDENTIALS_SIGNATURE) { + old_scb = &_old_scb; + } else { + ldb_debug(io->ac->module->ldb, LDB_DEBUG_ERROR, + "setup_supplemental_field: " + "supplementalCredentialsBlob signature[0x%04X] expected[0x%04X]", + _old_scb.sub.signature, SUPPLEMENTAL_CREDENTIALS_SIGNATURE); + } } if (io->domain->store_cleartext && |