SAM database "set user info".

----------------------------

- removed DOM_RID4

- removed SAMR_UNKNOWN_32

- added SAMR_SET_USERINFO (opcode 0x32)

- added level 0x1 to SAMR_QUERY_DOM_INFO (needed for create user)

- fixed pwdb_gethexpwd() it was failing on XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

- added mod_sam21pwd_entry()

- preparing to call mod_sam21pwd_entry()

- added "user session key" to user_struct.dc.  this is md4(nt#) and is
  needed to decode user's clear-text passwords in SAMR_SET_USERINFO.

- split code out in chgpasswd.c to decode 516 byte password buffers.
(This used to be commit 2e58ed742435befe419aa366c4052019fede8c23)

4 files changed, 19 insertions, 5 deletions

diff --git a/source3/passdb/ldap.c b/source3/passdb/ldap.c
index fad67cb79f..7bdbdab320 100644
--- a/source3/passdb/ldap.c
+++ b/source3/passdb/ldap.c
@@ -187,7 +187,7 @@ struct smb_passwd *ldap_getpw(void)
 		smbpw.acct_ctrl = ACB_NORMAL;
 
 	if(ldap_get_attribute("lmPassword", temp)) {
-		pwdb_gethexpwd(temp, smblmpwd);
+		pwdb_gethexpwd(temp, smblmpwd, NULL);
 		smbpw.smb_passwd = smblmpwd;
 	} else {
 		smbpw.smb_passwd = NULL;
@@ -195,7 +195,7 @@ struct smb_passwd *ldap_getpw(void)
 	}
 
 	if(ldap_get_attribute("ntPassword", temp)) {
-		pwdb_gethexpwd(temp, smbntpwd);
+		pwdb_gethexpwd(temp, smbntpwd, NULL);
 		smbpw.smb_nt_passwd = smbntpwd;
 	} else {
 		smbpw.smb_nt_passwd = NULL;
diff --git a/source3/passdb/sampassdb.c b/source3/passdb/sampassdb.c
index e80d157ec0..7c824cb7ca 100644
--- a/source3/passdb/sampassdb.c
+++ b/source3/passdb/sampassdb.c
@@ -124,6 +124,20 @@ struct sam_passwd *getsam21pwent(void *vp)
 }
 
 /************************************************************************
+ Routine to search the smb passwd file for an entry matching the username.
+ and then modify its password entry. We can't use the startsampwent()/
+ getsampwent()/endsampwent() interfaces here as we depend on looking
+ in the actual file to decide how much room we have to write data.
+ override = False, normal
+ override = True, override XXXXXXXX'd out password or NO PASS
+************************************************************************/
+
+BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override)
+{
+ 	return pwdb_ops->mod_sam21pwd_entry(pwdb_sam_map_names(pwd), override);
+}
+
+/************************************************************************
  Utility function to search sam passwd by name.  use this if your database
  does not have search facilities.
 *************************************************************************/
diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c
index 2985af1ff8..464cec015c 100644
--- a/source3/passdb/smbpass.c
+++ b/source3/passdb/smbpass.c
@@ -158,7 +158,7 @@ struct smb_passwd *getsmbfilepwent(void *vp)
 		}
 		else
 		{
-			if (!pwdb_gethexpwd(p, (char *)smbpwd))
+			if (!pwdb_gethexpwd(p, (char *)smbpwd, NULL))
 			{
 				DEBUG(0, ("getsmbfilepwent: Malformed Lanman password entry (non hex chars)\n"));
 				continue;
@@ -178,7 +178,7 @@ struct smb_passwd *getsmbfilepwent(void *vp)
 		{
 			if (*p != '*' && *p != 'X')
 			{
-				if(pwdb_gethexpwd(p,(char *)smbntpwd))
+				if(pwdb_gethexpwd(p,(char *)smbntpwd, NULL))
 				{
 					pw_buf.smb_nt_passwd = smbntpwd;
 				}
diff --git a/source3/passdb/smbpassfile.c b/source3/passdb/smbpassfile.c
index b4f8e2b869..0165d76488 100644
--- a/source3/passdb/smbpassfile.c
+++ b/source3/passdb/smbpassfile.c
@@ -167,7 +167,7 @@ BOOL get_trust_account_password( unsigned char *ret_pwd, time_t *pass_last_set_t
    * Get the hex password.
    */
 
-  if (!pwdb_gethexpwd((char *)linebuf, (char *)ret_pwd) || linebuf[32] != ':' || 
+  if (!pwdb_gethexpwd((char *)linebuf, (char *)ret_pwd, NULL) || linebuf[32] != ':' || 
          strncmp(&linebuf[33], "TLC-", 4)) {
     DEBUG(0,("get_trust_account_password: Malformed trust password file (incorrect format).\n"));
 #ifdef DEBUG_PASSWORD