summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2001-09-26 12:12:26 +0000
committerAndrew Bartlett <abartlet@samba.org>2001-09-26 12:12:26 +0000
commit83db39d2b5624217422b4c10509d589018f7a329 (patch)
tree6baa71ee83a2bfedc28e3b1acb4f05eb0f85e626 /source3/smbd
parentc907f33396ca1b16baf67e50ef8116c45bd612a5 (diff)
downloadsamba-83db39d2b5624217422b4c10509d589018f7a329.tar.gz
samba-83db39d2b5624217422b4c10509d589018f7a329.tar.bz2
samba-83db39d2b5624217422b4c10509d589018f7a329.zip
Fix this to use the plaintext password code directly, like SWAT does.
This whole area needs to be cleaned up. Should this kind of passowrd change/check be permitted with encrypt passwords = yes? In any case I've also had trouble testing this, as I can't find the right software/configuration to exersise this behaviour. But its better than the previous situation. Any assistance greatly appriciated. Andrew Bartlett (This used to be commit 37655b42897031f754d436435e64a2548de756b5)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/lanman.c18
1 files changed, 11 insertions, 7 deletions
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 4d3da88783..e9213e75a2 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -1834,6 +1834,8 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
fstring user;
fstring pass1,pass2;
+ struct passwd *passwd;
+
pull_ascii_fstring(user,p);
p = skip_string(p,1);
@@ -1863,7 +1865,7 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
/*
* Do any UNIX username case mangling.
*/
- (void)Get_Pwnam( user, True);
+ passwd = Get_Pwnam( user, True);
/*
* Attempt to verify the old password against smbpasswd entries
@@ -1906,13 +1908,15 @@ static BOOL api_SetUserPassword(connection_struct *conn,uint16 vuid, char *param
if(SVAL(*rparam,0) != NERR_Success)
{
- if (password_ok(user, pass1,strlen(pass1)) &&
- chgpasswd(user,pass1,pass2,False))
- {
- SSVAL(*rparam,0,NERR_Success);
- }
+ if NT_STATUS_IS_OK(pass_check(passwd, user, pass1,
+ strlen(pass1), NULL, False))
+ {
+ if (chgpasswd(user,pass1,pass2,False)) {
+ SSVAL(*rparam,0,NERR_Success);
+ }
+ }
}
-
+
/*
* If the plaintext change failed, attempt
* the old encrypted method. NT will generate this