From 017ccd0bda31059f7093f41d1537edd7b5430968 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 5 Jan 2010 18:28:48 +0100 Subject: s3:passdb: store the plain nt passwords hashes in history, not salted md5 This is in order to be able to do challenge response with the history, so that this can be checked when an invalid password was entered: If the given password is wrong but in the history, then the bad password count should not be updated... The "lucky" bit here is that the md5 has and the nt hash (md4) both are 16 bytes long. This is part of the fix for bug #4347 . Michael --- source3/passdb/pdb_get_set.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) (limited to 'source3') diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 005cf46a62..7fc9f92b2c 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -1070,15 +1070,20 @@ bool pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext) } /* - * Create the new salt as the first part of the history entry. + * Fill the salt area with 0-s: this indicates that + * a plain nt hash is stored in the has area. + * The old format was to store a 16 byte salt and + * then an md5hash of the nt_hash concatenated with + * the salt. */ - generate_random_buffer(pwhistory, PW_HISTORY_SALT_LEN); + memset(pwhistory, 0, PW_HISTORY_SALT_LEN); /* - * Generate the md5 hash of the salt+new password as the - * second part of the history entry. + * Store the plain nt hash in the second 16 bytes. + * The old format was to store the md5 hash of + * the salt+newpw. */ - E_md5hash(pwhistory, new_nt_p16, &pwhistory[PW_HISTORY_SALT_LEN]); + memcpy(&pwhistory[PW_HISTORY_SALT_LEN], new_nt_p16, SALTED_MD5_HASH_LEN); pdb_set_pw_history(sampass, pwhistory, pwHistLen, PDB_CHANGED); -- cgit