diff options
author | Andrew Bartlett <abartlet@samba.org> | 2009-03-11 20:01:13 +1100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2009-03-16 11:28:11 +1100 |
commit | 1a06b31b592a9c1d0188f4470b38e881b0bf3633 (patch) | |
tree | fc466c0743f42e7abdaf9f5c83f179e80775288e | |
parent | ec131db4f11e9d47c9bfec7654ab23720c5db713 (diff) | |
download | samba-1a06b31b592a9c1d0188f4470b38e881b0bf3633.tar.gz samba-1a06b31b592a9c1d0188f4470b38e881b0bf3633.tar.bz2 samba-1a06b31b592a9c1d0188f4470b38e881b0bf3633.zip |
s4:password_hash Only store the LM hash if 'lanman auth = yes'
The clients that do only lanman auth are on their way out, the
passwords are case insensitive, it does not support unicode and we
should not store such a poor hash of the password if we can avoid it.
Andrew Bartlett
-rw-r--r-- | source4/dsdb/samdb/ldb_modules/password_hash.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c index 56d4c4fe36..5a9926b6d1 100644 --- a/source4/dsdb/samdb/ldb_modules/password_hash.c +++ b/source4/dsdb/samdb/ldb_modules/password_hash.c @@ -1379,7 +1379,8 @@ static int setup_password_fields(struct setup_password_fields_io *io) if (io->n.cleartext_utf8) { struct samr_Password *lm_hash; char *cleartext_unix; - if (convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), + if (lp_lanman_auth(ldb_get_opaque(ldb, "loadparm")) && + convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")), CH_UTF8, CH_UNIX, io->n.cleartext_utf8->data, io->n.cleartext_utf8->length, (void **)&cleartext_unix, &converted_pw_len, false)) { lm_hash = talloc(io->ac, struct samr_Password); |