diff options
| author | Jeremy Allison <jra@samba.org> | 1998-04-29 00:02:57 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 1998-04-29 00:02:57 +0000 |
| commit | d3832506b2583130c4f4ba4b3edeabca987b7cbb (patch) | |
| tree | 0f547a84cc7e6ea4b561ce06ab7c70ce84e9589e /source3/rpc_server | |
| parent | 1a25f56066f950f20cd2ee8cbb15d62ecb9ecc61 (diff) | |
| download | samba-d3832506b2583130c4f4ba4b3edeabca987b7cbb.tar.gz samba-d3832506b2583130c4f4ba4b3edeabca987b7cbb.tar.bz2 samba-d3832506b2583130c4f4ba4b3edeabca987b7cbb.zip | |
This is the checkin that adds the security=domain functionality.
WARNING - so far this has only been tested against a Samba PDC
(still waiting for IS to add me the machine accounts :-).
Still missing is the code in smbpasswd that will add a machine
account password and change it on the domain controller, but
this is not hard, and I will check it in soon.
Jeremy.
(This used to be commit 17b94a7084621b3f0106dd4d3386f05cdfc56d19)
Diffstat (limited to 'source3/rpc_server')
| -rw-r--r-- | source3/rpc_server/srv_netlog.c | 22 |
1 files changed, 11 insertions, 11 deletions
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index 6aa1cd707e..1f76d545f6 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -383,14 +383,14 @@ static void api_net_srv_pwset( int uid, DEBUG(5,("api_net_srv_pwset: %d\n", __LINE__)); - pstrcpy(mach_acct, unistrn2(q_a.clnt_id.login.uni_acct_name.buffer, - q_a.clnt_id.login.uni_acct_name.uni_str_len)); + pstrcpy(mach_acct, unistrn2(q_a.clnt_id.login.uni_acct_name.buffer, + q_a.clnt_id.login.uni_acct_name.uni_str_len)); - DEBUG(3,("Server Password Set Wksta:[%s]\n", mach_acct)); + DEBUG(3,("Server Password Set Wksta:[%s]\n", mach_acct)); - become_root(True); - smb_pass = getsmbpwnam(mach_acct); - unbecome_root(True); + become_root(True); + smb_pass = getsmbpwnam(mach_acct); + unbecome_root(True); if (smb_pass != NULL) { @@ -402,7 +402,7 @@ static void api_net_srv_pwset( int uid, DEBUG(100,("%02X ", q_a.pwd[i])); DEBUG(100,("\n")); - cred_hash3( pwd, q_a.pwd, vuser->dc.sess_key); + cred_hash3( pwd, q_a.pwd, vuser->dc.sess_key, 1); /* lies! nt and lm passwords are _not_ the same: don't care */ smb_pass->smb_passwd = pwd; @@ -515,13 +515,13 @@ static uint32 net_login_network(NET_ID_INFO_2 *id2, user_struct *vuser) { DEBUG(5,("net_login_network: lm_len: %d nt_len: %d\n", - id2->lm_chal_resp.str_str_len, - id2->nt_chal_resp.str_str_len)); + id2->hdr_lm_chal_resp.str_str_len, + id2->hdr_nt_chal_resp.str_str_len)); /* JRA. Check the NT password first if it exists - this is a higher quality password, if it exists and it doesn't match - fail. */ - if (id2->nt_chal_resp.str_str_len == 24 && + if (id2->hdr_nt_chal_resp.str_str_len == 24 && smb_pass->smb_nt_passwd != NULL) { if(smb_password_check(id2->nt_chal_resp.buffer, @@ -540,7 +540,7 @@ static uint32 net_login_network(NET_ID_INFO_2 *id2, not do, for various security-hole reasons). */ - if (id2->lm_chal_resp.str_str_len == 24 && + if (id2->hdr_lm_chal_resp.str_str_len == 24 && smb_password_check(id2->lm_chal_resp.buffer, smb_pass->smb_passwd, id2->lm_chal)) |