diff options
| author | Jeremy Allison <jra@samba.org> | 1998-01-17 07:08:21 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 1998-01-17 07:08:21 +0000 |
| commit | cd9fad92d0316e5a0007ba3c5668906dc2f011f1 (patch) | |
| tree | b713b3d382fe4ea75fb7fac634a1a2b0b02cb106 /source/smbd/chgpasswd.c | |
| parent | 0b0b1fb122a52e67a8fdc77d013ad0b3bbb90d19 (diff) | |
| download | samba-cd9fad92d0316e5a0007ba3c5668906dc2f011f1.tar.gz | |
charcnv.c: Added codepage 866 support onto the file system. Patch
from Max Khon <max@iclub.nsu.ru>.
chgpasswd.c: Allow old RAP change password to work with encrypted
passwords. Samba can now allow Windows 95/NT clients to securely
change the Lanman password ! (But not the NT hash - that gets lost).
ipc.c:
smbdes.c:
smbpass.c: Support for the above.
server.c: #ifdef'ed out fix for NT redirector bug.
util.c: Fix NIS bug with server name.
Jeremy.
Diffstat (limited to 'source/smbd/chgpasswd.c')
| -rw-r--r-- | source/smbd/chgpasswd.c | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/source/smbd/chgpasswd.c b/source/smbd/chgpasswd.c index 17401410cec..1502cd1219f 100644 --- a/source/smbd/chgpasswd.c +++ b/source/smbd/chgpasswd.c @@ -398,3 +398,86 @@ BOOL chgpasswd(char *name,char *oldpass,char *newpass) return(False); } #endif + +/*********************************************************** + Code to check the lanman hashed password. +************************************************************/ + +BOOL check_lanman_password(char *user, unsigned char *pass1, + unsigned char *pass2, struct smb_passwd **psmbpw) +{ + unsigned char unenc_new_pw[16]; + unsigned char unenc_old_pw[16]; + struct smb_passwd *smbpw; + + *psmbpw = NULL; + + become_root(0); + smbpw = get_smbpwd_entry(user, 0); + unbecome_root(0); + + if(smbpw == NULL) + { + DEBUG(0,("check_lanman_password: get_smbpwd_entry returned NULL\n")); + return False; + } + + if(smbpw->smb_passwd == NULL) + { + DEBUG(0,("check_lanman_password: no lanman password !\n")); + return False; + } + + /* Get the new lanman hash. */ + D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); + + /* Use this to get the old lanman hash. */ + D_P16(unenc_new_pw, pass1, unenc_old_pw); + + /* Check that the two old passwords match. */ + if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16)) + { + DEBUG(0,("check_lanman_password: old password doens't match.\n")); + return False; + } + + *psmbpw = smbpw; + return True; +} + +/*********************************************************** + Code to change the lanman hashed password. + It nulls out the NT hashed password as it will + no longer be valid. +************************************************************/ + +BOOL change_lanman_password(struct smb_passwd *smbpw, char *pass1, char *pass2) +{ + char unenc_new_pw[16]; + BOOL ret; + + if(smbpw == NULL) + { + DEBUG(0,("change_lanman_password: get_smbpwd_entry returned NULL\n")); + return False; + } + + if(smbpw->smb_passwd == NULL) + { + DEBUG(0,("change_lanman_password: no lanman password !\n")); + return False; + } + + /* Get the new lanman hash. */ + D_P16(smbpw->smb_passwd, pass2, unenc_new_pw); + + smbpw->smb_passwd = unenc_new_pw; + smbpw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */ + + /* Now write it into the file. */ + become_root(0); + ret = mod_smbpwd_entry(smbpw); + unbecome_root(0); + + return ret; +} |