summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb/ldb_modules
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2009-03-11 20:01:13 +1100
committerAndrew Bartlett <abartlet@samba.org>2009-03-16 11:28:11 +1100
commit1a06b31b592a9c1d0188f4470b38e881b0bf3633 (patch)
treefc466c0743f42e7abdaf9f5c83f179e80775288e /source4/dsdb/samdb/ldb_modules
parentec131db4f11e9d47c9bfec7654ab23720c5db713 (diff)
downloadsamba-1a06b31b592a9c1d0188f4470b38e881b0bf3633.tar.gz
samba-1a06b31b592a9c1d0188f4470b38e881b0bf3633.tar.bz2
samba-1a06b31b592a9c1d0188f4470b38e881b0bf3633.zip
s4:password_hash Only store the LM hash if 'lanman auth = yes'
The clients that do only lanman auth are on their way out, the passwords are case insensitive, it does not support unicode and we should not store such a poor hash of the password if we can avoid it. Andrew Bartlett
Diffstat (limited to 'source4/dsdb/samdb/ldb_modules')
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 56d4c4fe36..5a9926b6d1 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1379,7 +1379,8 @@ static int setup_password_fields(struct setup_password_fields_io *io)
if (io->n.cleartext_utf8) {
struct samr_Password *lm_hash;
char *cleartext_unix;
- if (convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),
+ if (lp_lanman_auth(ldb_get_opaque(ldb, "loadparm")) &&
+ convert_string_talloc_convenience(io->ac, lp_iconv_convenience(ldb_get_opaque(ldb, "loadparm")),
CH_UTF8, CH_UNIX, io->n.cleartext_utf8->data, io->n.cleartext_utf8->length,
(void **)&cleartext_unix, &converted_pw_len, false)) {
lm_hash = talloc(io->ac, struct samr_Password);