author | Luke Leighton <lkcl@samba.org> | 2000-01-02 20:25:52 +0000 |
committer | Luke Leighton <lkcl@samba.org> | 2000-01-02 20:25:52 +0000 |
commit | e09062fff3b08f78ff78b02b806989b5e1781895 (patch) | |
tree | f3eb9289e546a87f355c29daaa84b411947049ae /source/smbd | |
parent | 76af9b889abb74909d6c252147376395179ca120 (diff) | |
ok. the smb-fileserver-only saga continues.
noticed that there is an "update encrypted" option, and assumed that this
was a "migrate passwords" option.
on this basis, i didn't want "encrypt passwords = no", "security = user/share"
"update encrypted = no" to be dependent on dce/rpc NETLOGON services,
but i ALSO didn't want "update encrypted = yes" to have to write to
the smbp passwd interface, i'm trying very hard to get rid of that.
so, under the circumstances where "update enc = yes", but "enc pwd = no",
i decided to add a "General" Logon type info level (4) to NetrSamLogon,
client and server side. this passes a CLEARTEXT password across the
\PIPE\NETLOGON on loop-back (which still requires a trust account
pasword, which i MAY change to use to encrypt the cleartext password
anyway). i have no idea what a _real_ general Logon type actually
looks like, and i couldn't care less at this stage because it's used
on loop-back.
whe "update enc = yes" and "enc pwd = no", nt clients are told to send
cleartext passwords. these are sent over a General Logon on loop-back;
the netlogon daemon receives them, does a *unix* password check, and
*also* does an update encrypted password.
this is a reasonable compromise. if you're not intending to migrate
to smb passwords, you don't need to run "update encrypted". all it
means is that you would have to run the netlogon daemon a little
bit earlier. normally, you would have to start the netlogon daemon
when switching to "enc pwd = yes", but instead you have to start it on
"update enc = yes".
big deal :)
the only thing that bothers me is that i thought "update encrypted" was
actually "migrate passwords", so unless the smbpasswd entry is already
in there, the general login fails because there is still a requirement
to have an smbpasswd entry in netlogon daemon. doesn't matter at the
moment.
next stage, password changing. replace all password changes in
smbd/lanman.c and anywhere else i can find them with samr_change_user_passwd
instead.
Diffstat (limited to 'source/smbd')
-rw-r--r-- | source/smbd/chgpasswd.c | 34 | ||||
-rw-r--r-- | source/smbd/password.c | 63 |
2 files changed, 52 insertions, 45 deletions
diff --git a/source/smbd/chgpasswd.c b/source/smbd/chgpasswd.c
index f49db01fee7..8a8d090b997 100644
--- a/source/smbd/chgpasswd.c
+++ b/source/smbd/chgpasswd.c
@@ -779,3 +779,37 @@ BOOL change_oem_password(struct smb_passwd *smbpw, UNISTR2 *new_passwd, BOOL ove
 return ret;
 }
+
+/****************************************************************************
+update the encrypted smbpasswd file from the plaintext username and password
+*****************************************************************************/
+BOOL update_smbpassword_file(char *user, char *password)
+{
+ struct smb_passwd *smbpw;
+ UNISTR2 newpw;
+ BOOL ret;
+
+ become_root(0);
+ smbpw = getsmbpwnam(user);
+ unbecome_root(0);
+
+ if(smbpw == NULL)
+ {
+ DEBUG(0,("getsmbpwnam returned NULL\n"));
+ return False;
+ }
+
+ make_unistr2(&newpw, password, password != NULL ? strlen(password) : 0);
+
+ /* Here, the flag is one, because we want to ignore the
+ XXXXXXX'd out password */
+ ret = change_oem_password( smbpw, &newpw, True);
+ if (!ret)
+ {
+ DEBUG(3,("change_oem_password returned False\n"));
+ }
+
+ ZERO_STRUCT(newpw);
+
+ return ret;
+}
diff --git a/source/smbd/password.c b/source/smbd/password.c
index d60911a5d83..2d45c372298 100644
--- a/source/smbd/password.c
+++ b/source/smbd/password.c
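Review bot: update_smbpassword_file is now an exported function that receives a cleartext password, but its header comment does not state the contract a caller in another file needs: the user must already have an smbpasswd entry (getsmbpwnam returning NULL fails the call and does not create one), password may be NULL and is then treated as empty, and the temporary newpw copy is wiped before return. Suggest extending the comment with `Requires an existing smbpasswd entry for user; returns False (logged at level 0) if none exists - the entry is not created. password may be NULL (treated as empty); the temporary UNISTR2 copy is zeroed before returning.` The level-0 message would be more useful for diagnosing a failed migration if it named the function and user, e.g. `DEBUG(0,("update_smbpassword_file: getsmbpwnam(%s) returned NULL\n", user));`. Note that ZERO_STRUCT on a local that is never read again is the kind of store a compiler may elide, so the wipe of the cleartext copy should be regarded as best-effort.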
@@ -56,42 +56,6 @@ void add_session_user(char *user)
 /****************************************************************************
-update the encrypted smbpasswd file from the plaintext username and password
-*****************************************************************************/
-static BOOL update_smbpassword_file(char *user, char *password)
-{
- struct smb_passwd *smbpw;
- UNISTR2 newpw;
- BOOL ret;
-
- become_root(0);
- smbpw = getsmbpwnam(user);
- unbecome_root(0);
-
- make_unistr2(&newpw, password, password != NULL ? strlen(password) : 0);
-
- if(smbpw == NULL)
- {
- DEBUG(0,("getsmbpwnam returned NULL\n"));
- return False;
- }
-
- /* Here, the flag is one, because we want to ignore the
- XXXXXXX'd out password */
- ret = change_oem_password( smbpw, &newpw, True);
- if (!ret)
- {
- DEBUG(3,("change_oem_password returned False\n"));
- }
-
- return ret;
-}
-
-
-
-
-
-/****************************************************************************
 check if a username/password pair is OK either via the system password
 database or the encrypted SMB password database
 return True if the password is correct, False otherwise
@@ -103,17 +67,20 @@ BOOL password_ok(char *orig_user, char *domain,
 uchar user_sess_key[16])
 {
 uchar last_chal[8];
+ BOOL cleartext = smb_apasslen != 24 && smb_ntpasslen == 0;
+ uchar *chal = NULL;
 /*
 * SMB password check
 */
- if ((smb_apasslen != 0 && smb_ntpasslen != 0) ||
+ if ((smb_apasslen != 0) ||
 (lp_encrypted_passwords() && smb_apasslen == 0 && lp_null_passwords()))
 {
 /* check security = server */
- if (check_server_security(orig_user, domain,
+ if (!cleartext &&
+ check_server_security(orig_user, domain,
 smb_apasswd, smb_apasslen,
 smb_ntpasswd, smb_ntpasslen))
 {
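Review bot: The new `BOOL cleartext = smb_apasslen != 24 && smb_ntpasslen == 0;` infers the password format from the blob length rather than from the negotiated mode, so a cleartext password of exactly 24 bytes is treated as an LM response and fails, while on a server with `encrypt passwords = yes` any LM-only response that is not 24 bytes is treated as cleartext and routed into the domain-security call in the following hunk. If the file tracks whether encryption was negotiated, anchoring the flag to that is safer, e.g. `BOOL cleartext = !lp_encrypted_passwords() && smb_ntpasslen == 0;`; otherwise the length heuristic deserves a comment stating the assumption it relies on. The widened `if ((smb_apasslen != 0) ||` now admits cleartext into this block as the commit message intends, which is also worth a one-line comment. password_ok's body continues outside the hunk.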
@@ -122,9 +89,13 @@ BOOL password_ok(char *orig_user, char *domain,
 }
 /* check security = user / domain */
- if (last_challenge(last_chal) &&
+ if ((!cleartext) && last_challenge(last_chal))
+ {
+ chal = last_chal;
+ }
+ if ((cleartext || chal) &&
 check_domain_security(orig_user, domain,
- last_chal,
+ chal,
 smb_apasswd, smb_apasslen,
 smb_ntpasswd, smb_ntpasslen,
 user_sess_key) == 0x0)
@@ -138,12 +109,14 @@ BOOL password_ok(char *orig_user, char *domain,
 /*
 * unix password check
 */
- if (pass_check(orig_user, smb_apasswd, smb_apasslen, pwd,
- lp_update_encrypted() ?
- update_smbpassword_file : NULL))
+
+ if (!lp_update_encrypted())
 {
- DEBUG(10,("password_ok: Unix auth succeeded\n"));
- return True;
+ if (pass_check(orig_user, smb_apasswd, smb_apasslen, pwd, NULL))
+ {
+ DEBUG(10,("password_ok: Unix auth succeeded\n"));
+ return True;
+ }
 }
 return False;
 }
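Review bot: With `update encrypted = yes` the unix check is now skipped entirely (`if (!lp_update_encrypted())` wraps pass_check), so every cleartext logon depends on check_domain_security succeeding over the loop-back NETLOGON pipe, and if that daemon is not running the function falls through to `return False` with no log line saying why. Suggest a comment on the new `if`, `/* update encrypted = yes: the unix check and the smbpasswd update are done by the netlogon daemon via check_domain_security; do not fall back to pass_check() here */`, plus an else branch with `DEBUG(3,("password_ok: update encrypted set, unix password check skipped\n"));` so the misconfiguration is diagnosable. In the hunk above, the cleartext path passes `chal` as NULL to check_domain_security, so that function must accept a NULL challenge; if that is its contract it is worth stating at the call. password_ok's body begins outside both hunks.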