summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>1998-03-19 20:06:47 +0000
committerJeremy Allison <jra@samba.org>1998-03-19 20:06:47 +0000
commit7abbf368f908cacdb2978e33069e49755e54faa8 (patch)
treeb723cf86b9d578b80691dc76e8bdd8d77e16e285 /source3/smbd
parentda050244c305c1e03e2f3fb2ac02f6bc93ad47ca (diff)
downloadsamba-7abbf368f908cacdb2978e33069e49755e54faa8.tar.gz
samba-7abbf368f908cacdb2978e33069e49755e54faa8.tar.bz2
samba-7abbf368f908cacdb2978e33069e49755e54faa8.zip
Adding the same changes to HEAD as were added to BRANCH_1_9_18.
Changed smbpasswd to be client-server for a normal user, rather than accessing the private/smbpasswd file directly (it still accesses this file directly when run as root, so root can add users/change a users password without knowing the old password). A shakeout of this change is that smbpasswd can now be used to change a users password on a remote NT machine (yep - you heard that one right - we can now change a NT password from UNIX !!!!!). Jeremy. (This used to be commit 20770b6f1c25288e90d3e0d215afa7f0809ce124)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/chgpasswd.c29
1 files changed, 24 insertions, 5 deletions
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index 57d81ad756..779845d37a 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -408,6 +408,7 @@ BOOL check_lanman_password(char *user, unsigned char *pass1,
{
unsigned char unenc_new_pw[16];
unsigned char unenc_old_pw[16];
+ unsigned char null_pw[16];
struct smb_passwd *smbpw;
*psmbpw = NULL;
@@ -428,8 +429,13 @@ BOOL check_lanman_password(char *user, unsigned char *pass1,
return False;
}
- if(smbpw->smb_passwd == NULL)
+ if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ))
{
+ unsigned char no_pw[14];
+ memset(no_pw, '\0', 14);
+ E_P16((uchar *)no_pw, (uchar *)null_pw);
+ smbpw->smb_passwd = null_pw;
+ } else if (smbpw->smb_passwd == NULL) {
DEBUG(0,("check_lanman_password: no lanman password !\n"));
return False;
}
@@ -460,6 +466,7 @@ BOOL check_lanman_password(char *user, unsigned char *pass1,
BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsigned char *pass2)
{
unsigned char unenc_new_pw[16];
+ unsigned char null_pw[16];
BOOL ret;
if(smbpw == NULL)
@@ -474,8 +481,13 @@ BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsi
return False;
}
- if(smbpw->smb_passwd == NULL)
+ if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ))
{
+ unsigned char no_pw[14];
+ memset(no_pw, '\0', 14);
+ E_P16((uchar *)no_pw, (uchar *)null_pw);
+ smbpw->smb_passwd = null_pw;
+ } else if (smbpw->smb_passwd == NULL) {
DEBUG(0,("change_lanman_password: no lanman password !\n"));
return False;
}
@@ -507,6 +519,7 @@ BOOL check_oem_password(char *user, unsigned char *data,
fstring upper_case_new_passwd;
unsigned char new_p16[16];
unsigned char unenc_old_pw[16];
+ unsigned char null_pw[16];
become_root(0);
*psmbpw = smbpw = get_smbpwd_entry(user, 0);
@@ -524,8 +537,13 @@ BOOL check_oem_password(char *user, unsigned char *data,
return False;
}
- if(smbpw->smb_passwd == NULL)
+ if((smbpw->smb_passwd == NULL) && (smbpw->acct_ctrl & ACB_PWNOTREQ))
{
+ unsigned char no_pw[14];
+ memset(no_pw, '\0', 14);
+ E_P16((uchar *)no_pw, (uchar *)null_pw);
+ smbpw->smb_passwd = null_pw;
+ } else if (smbpw->smb_passwd == NULL) {
DEBUG(0,("check_oem_password: no lanman password !\n"));
return False;
}
@@ -533,7 +551,7 @@ BOOL check_oem_password(char *user, unsigned char *data,
/*
* Call the hash function to get the new password.
*/
- SamOEMhash( (unsigned char *)data, (unsigned char *)smbpw->smb_passwd);
+ SamOEMhash( (unsigned char *)data, (unsigned char *)smbpw->smb_passwd, True);
/*
* The length of the new password is in the last 4 bytes of
@@ -541,7 +559,7 @@ BOOL check_oem_password(char *user, unsigned char *data,
*/
new_pw_len = IVAL(data,512);
if(new_pw_len < 0 || new_pw_len > new_passwd_size - 1) {
- DEBUG(0,("check_oem_password: incorrect password length.\n"));
+ DEBUG(0,("check_oem_password: incorrect password length (%d).\n", new_pw_len));
return False;
}
@@ -587,6 +605,7 @@ BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd)
unsigned char new_nt_p16[16];
unsigned char new_p16[16];
+ memset(upper_case_new_passwd, '\0', sizeof(upper_case_new_passwd));
fstrcpy(upper_case_new_passwd, new_passwd);
strupper(upper_case_new_passwd);