summaryrefslogtreecommitdiff
path: root/source3/libnet/libnet_samsync_passdb.c
AgeCommit message (Collapse)AuthorFilesLines
2011-03-30s3-passdb: add passdb.h where needed.Günther Deschner1-0/+1
Guenther
2011-03-30s3-includes: only include system/passwd.h when needed.Günther Deschner1-0/+1
Guenther
2011-02-19s3: Add "len" to pdb_set_hoursVolker Lendecke1-1/+2
2010-10-12libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett1-1/+1
This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
2010-09-20s3-util_sid: use shared dom_sid_compare_auth and dom_sid_equal_X functions.Günther Deschner1-1/+2
Guenther
2010-07-13s3-libnet: better separate headers.Günther Deschner1-1/+1
Guenther
2010-05-21s3:dom_sid Global replace of DOM_SID with struct dom_sidAndrew Bartlett1-8/+8
This matches the structure that new code is being written to, and removes one more of the old-style named structures, and the need to know that is is just an alias for struct dom_sid. Andrew Bartlett Signed-off-by: Günther Deschner <gd@samba.org>
2010-01-10s3: Replace most calls to sid_append_rid() by sid_compose()Volker Lendecke1-10/+5
2009-07-14s3-account_policy: add pdb_policy_type enum.Günther Deschner1-9/+14
Guenther
2009-05-16Move smb_create_user() in samsyncSimo Sorce1-0/+60
It is not used anywhere else, so make it also static and remove it from proto.h
2009-04-01s3-libnet-samsync: return appropriate error code in fetch_sam_entry().Günther Deschner1-22/+25
Guenther
2009-04-01s3-libnet-samsync: use smb_create_user().Günther Deschner1-46/+6
Guenther
2009-04-01s3-libnet-samsync: some pure cosmetics.Günther Deschner1-0/+30
Guenther
2009-04-01s3-libnet-samsync: use parent talloc context for libnet_samsync_passdb.Günther Deschner1-26/+28
Guenther
2008-11-18s3-libnet-samsync: pass sequence number pointer to process routine.Günther Deschner1-0/+1
Guenther
2008-11-18s3-libnet-samsync: move all modules to startup,process,finish callbacks.Günther Deschner1-1/+0
Guenther
2008-11-18s3-libnet-samsync: use samsync_ops.Günther Deschner1-5/+5
Guenther
2008-11-18s3-libnet-samsync: add samsync_ops to all samsync modules.Günther Deschner1-0/+4
Guenther
2008-11-10s3-netlogon: fix type of parameters string in user delta.Günther Deschner1-3/+3
Guenther
2008-10-22Fix net rpc vampire, based on an *amazing* piece of debugging work by ↵Jeremy Allison1-8/+7
"Cooper S. Blake" <the_analogkid@yahoo.com>. "I believe I have found two bugs in the 3.2 code and one bug that carried on to the 3.3 branch. In the 3.2 code, everything is located in the utils/net_rpc_samsync.c file. What I believe is the first problem is that fetch_database() is calling samsync_fix_delta_array() with rid_crypt set to true, which means the password hashes are unencrypted from the RID encryption. However, I believe this call is redundant, and the corresponding call for samdump has rid_crypt set to false. So I think the rid_crypt param should be false in fetch_database(). If you follow the code, it makes its way to sam_account_from_delta() where the password hashes are decrypted a second time by calling sam_pwd_hash(). I believe this is what is scrambling my passwords. These methods were refactored somewhere in the 3.3 branch. Now the net_rpc_samsync.c class calls rpc_vampire_internals, which calls libnet/libnet_samsync.c, which calls samsync_fix_delta_array() with rid_crypt always set to false. I think that's correct. But the second bug has carried through in the sam_account_from_delta() function: 208 if (memcmp(r->ntpassword.hash, zero_buf, 16) != 0) { 209 sam_pwd_hash(r->rid, r->ntpassword.hash, lm_passwd, 0); 210 pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED); 211 } 212 213 if (memcmp(r->lmpassword.hash, zero_buf, 16) != 0) { 214 sam_pwd_hash(r->rid, r->lmpassword.hash, nt_passwd, 0); 215 pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED); If you look closely you'll see that the nt hash is going into the lm_passwd variable and the decrypted value is being set in the lanman hash, and the lanman hash is being decrypted and put into the nt hash field. So the LanMan and NT hashes look like they're being put in the opposite fields." Fix this by removing the rid_crypt parameter. Jeremy.
2008-06-27net_vampire: use bool for last_query information in samsync.Günther Deschner1-1/+1
Guenther (This used to be commit fa1976e23a33bd3fab17c3f6ab5573ee1fdf9e31)
2008-06-23net_vampire: move out passdb routines to one file.Günther Deschner1-0/+789
Guenther (This used to be commit 74d431270d9b4cc1524f79fa2ad743420afef417)