From 1ea8ceac458501719a055700902d456304c4ee0a Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 17 Jan 1998 07:08:21 +0000 Subject: charcnv.c: Added codepage 866 support onto the file system. Patch from Max Khon . chgpasswd.c: Allow old RAP change password to work with encrypted passwords. Samba can now allow Windows 95/NT clients to securely change the Lanman password ! (But not the NT hash - that gets lost). ipc.c: smbdes.c: smbpass.c: Support for the above. server.c: #ifdef'ed out fix for NT redirector bug. util.c: Fix NIS bug with server name. Jeremy. (This used to be commit cd9fad92d0316e5a0007ba3c5668906dc2f011f1) --- source3/smbd/chgpasswd.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) (limited to 'source3/smbd/chgpasswd.c') diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c index 17401410ce..1502cd1219 100644 --- a/source3/smbd/chgpasswd.c +++ b/source3/smbd/chgpasswd.c @@ -398,3 +398,86 @@ BOOL chgpasswd(char *name,char *oldpass,char *newpass) return(False); } #endif + +/*********************************************************** + Code to check the lanman hashed password. +************************************************************/ + +BOOL check_lanman_password(char *user, unsigned char *pass1, + unsigned char *pass2, struct smb_passwd **psmbpw) +{ + unsigned char unenc_new_pw[16]; + unsigned char unenc_old_pw[16]; + struct smb_passwd *smbpw; + + *psmbpw = NULL; + + become_root(0); + smbpw = get_smbpwd_entry(user, 0); + unbecome_root(0); + + if(smbpw == NULL) + { + DEBUG(0,("check_lanman_password: get_smbpwd_entry returned NULL\n")); + return False; + } + + if(smbpw->smb_passwd == NULL) + { + DEBUG(0,("check_lanman_password: no lanman password !\n")); + return False; + } + + /* Get the new lanman hash. */ + D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); + + /* Use this to get the old lanman hash. */ + D_P16(unenc_new_pw, pass1, unenc_old_pw); + + /* Check that the two old passwords match. */ + if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) + { + DEBUG(0,("check_lanman_password: old password doens't match.\n")); + return False; + } + + *psmbpw = smbpw; + return True; +} + +/*********************************************************** + Code to change the lanman hashed password. + It nulls out the NT hashed password as it will + no longer be valid. +************************************************************/ + +BOOL change_lanman_password(struct smb_passwd *smbpw, char *pass1, char *pass2) +{ + char unenc_new_pw[16]; + BOOL ret; + + if(smbpw == NULL) + { + DEBUG(0,("change_lanman_password: get_smbpwd_entry returned NULL\n")); + return False; + } + + if(smbpw->smb_passwd == NULL) + { + DEBUG(0,("change_lanman_password: no lanman password !\n")); + return False; + } + + /* Get the new lanman hash. */ + D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); + + smbpw->smb_passwd = unenc_new_pw; + smbpw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */ + + /* Now write it into the file. */ + become_root(0); + ret = mod_smbpwd_entry(smbpw); + unbecome_root(0); + + return ret; +} -- cgit