diff options
| -rw-r--r-- | source3/passdb/passdb.c | 77 | ||||
| -rw-r--r-- | source3/rpc_server/srv_netlog_nt.c | 6 | ||||
| -rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 4 | ||||
| -rw-r--r-- | source3/smbd/chgpasswd.c | 6 |
4 files changed, 70 insertions, 23 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index fa0dd244d2..634ea8fdac 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -1624,29 +1624,6 @@ BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, uint8 *pwd) return True; } -/********************************************************************* - Set the user's PLAINTEXT password. Used as an interface to the above. - ********************************************************************/ - -BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, char *plaintext) -{ - uchar new_lanman_p16[16]; - uchar new_nt_p16[16]; - - if (!sampass || !plaintext) - return False; - - nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16); - - if (!pdb_set_nt_passwd (sampass, new_nt_p16)) - return False; - - if (!pdb_set_lanman_passwd (sampass, new_lanman_p16)) - return False; - - return True; -} - BOOL pdb_set_unknown_3 (SAM_ACCOUNT *sampass, uint32 unkn) { if (!sampass) @@ -1688,3 +1665,57 @@ BOOL pdb_set_hours (SAM_ACCOUNT *sampass, uint8 *hours) return True; } + + +/* Helpful interfaces to the above */ + +/********************************************************************* + Sets the last changed times and must change times for a normal + password change. + ********************************************************************/ + +BOOL pdb_set_pass_changed_now (SAM_ACCOUNT *sampass) +{ + + if (!sampass) + return False; + + if (!pdb_set_pass_last_set_time (sampass, time(NULL))) + return False; + + if (!pdb_set_pass_must_change_time (sampass, + pdb_get_pass_last_set_time(sampass) + + MAX_PASSWORD_AGE)) + return False; + + return True; +} + +/********************************************************************* + Set the user's PLAINTEXT password. Used as an interface to the above. + Also sets the last change time to NOW. + ********************************************************************/ + +BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, const char *plaintext) +{ + uchar new_lanman_p16[16]; + uchar new_nt_p16[16]; + + if (!sampass || !plaintext) + return False; + + nt_lm_owf_gen (plaintext, new_nt_p16, new_lanman_p16); + + if (!pdb_set_nt_passwd (sampass, new_nt_p16)) + return False; + + if (!pdb_set_lanman_passwd (sampass, new_lanman_p16)) + return False; + + if (!pdb_set_pass_changed_now (sampass)) + return False; + + return True; +} + + diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 7a7ff09d71..32a0a02e70 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -436,6 +436,12 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET * return NT_STATUS_NO_MEMORY; } + if (!pdb_set_pass_changed_now (sampass)) { + pdb_free_sam(&sampass); + /* Not quite sure what this one qualifies as, but this will do */ + return NT_STATUS_NO_MEMORY; + } + become_root(); ret = pdb_update_sam_account (sampass,False); unbecome_root(); diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index d9cae42145..7e48d74359 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2288,6 +2288,10 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid) pdb_free_sam(&pwd); return False; } + if (!pdb_set_pass_changed_now (pwd)) { + pdb_free_sam(&pwd); + return False; + } if(!pdb_update_sam_account(pwd, True)) { pdb_free_sam(&pwd); diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index d2ee2f46fa..49f87a4ca1 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -682,6 +682,12 @@ BOOL change_lanman_password(SAM_ACCOUNT *sampass, uchar * pass1, return False; /* We lose the NT hash. Sorry. */ } + if (!pdb_set_pass_changed_now (sampass)) { + pdb_free_sam(&sampass); + /* Not quite sure what this one qualifies as, but this will do */ + return False; + } + /* Now flush the sam_passwd struct to persistent storage */ become_root(); ret = pdb_update_sam_account (sampass, False); |