diff options
| author | Jeremy Allison <jra@samba.org> | 1998-04-30 01:39:22 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 1998-04-30 01:39:22 +0000 |
| commit | 3eae1e3f8e53c51f638b1b381085f29feea1c517 (patch) | |
| tree | 92950328598c40648d89557bf0b2048f0a8bd606 /source3/smbd/password.c | |
| parent | 90177708aaf5bf17d689979701b5f0156b8a2fa4 (diff) | |
| download | samba-3eae1e3f8e53c51f638b1b381085f29feea1c517.tar.gz samba-3eae1e3f8e53c51f638b1b381085f29feea1c517.tar.bz2 samba-3eae1e3f8e53c51f638b1b381085f29feea1c517.zip | |
Added patch from Bruce Tenison <btenison@dibbs.net> to allow encrypted
passwords to be stored over time, allowing a smbpasswd file migration.
Adds new parameter "update encrypted".
Will also add to 1.9.18 branch.
Docs update to follow.
Jeremy.
(This used to be commit 5d3e874d780d595415cc27a7f5945fc2e694c3ac)
Diffstat (limited to 'source3/smbd/password.c')
| -rw-r--r-- | source3/smbd/password.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 180c51f4ea..57e7775b71 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -423,6 +423,31 @@ static char *osf1_bigcrypt(char *password,char *salt1) } #endif +/**************************************************************************** +update the encrypted smbpasswd file from the plaintext username and password +*****************************************************************************/ +BOOL update_smbpassword_file( char *user, fstring password) +{ + struct smb_passwd *smbpw; + BOOL ret; + + become_root(0); + smbpw = getsmbpwnam(user); + unbecome_root(0); + + if(smbpw == NULL) + { + DEBUG(0,("update_smbpassword_file: getsmbpwnam returned NULL\n")); + return False; + } + + /* Here, the flag is one, because we want to ignore the XXXXXXX'd out password */ + ret = change_oem_password( smbpw, password, True); + if (ret == False) + DEBUG(3,("update_smbpasswd_file: change_oem_password returned False\n")); + + return ret; +} /**************************************************************************** update the enhanced security database. Only relevant for OSF1 at the moment. @@ -1051,6 +1076,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) struct passwd *pass; char challenge[8]; struct smb_passwd *smb_pass; + BOOL update_encrypted = lp_update_encrypted(); BOOL challenge_done = False; if (password) password[pwlen] = 0; @@ -1231,6 +1257,8 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) if (password_check(password)) { update_protected_database(user,True); + if (update_encrypted) + update_smbpassword_file(user,password); return(True); } @@ -1248,6 +1276,8 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) if (password_check(password)) { update_protected_database(user,True); + if (update_encrypted) + update_smbpassword_file(user,password); return(True); } @@ -1268,6 +1298,8 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) if (string_combinations(password,password_check,level)) { update_protected_database(user,True); + if (update_encrypted) + update_smbpassword_file(user,password); return(True); } |