diff options
| author | Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it> | 2015-06-10 15:26:58 +0200 |
|---|---|---|
| committer | Garming Sam <garming@samba.org> | 2015-11-30 03:49:25 +0100 |
| commit | 1c9117746b616fcb8ab251834888b57c4a1c29bf (patch) | |
| tree | 5e468bb0f87d60c7256686f5e3883645e71354ec /source3/passdb/pdb_get_set.c | |
| parent | bb9f13ab4165f150e01a88ddcc51605a7c176f5d (diff) | |
| download | samba-1c9117746b616fcb8ab251834888b57c4a1c29bf.tar.gz | |
Add --set-nt-hash option to pdbedit to update user password from nt-hash hexstring.
Useful to take in sync password from other repository.
(Modify MASK_USER_GOOD to include new flag BIT_PWSETNTHASH)
pdbedit -vw show also password hashes .
Split pdb_set_plaintext_passwd in two function:
pdb_set_plaintext_passwd and pdb_update_history.
pdb_update_history update password history and is call from
pdb_set_plaintext_passwd.
Signed-off-by: Alberto Maria Fiaschi <alberto.fiaschi@estar.toscana.it>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source3/passdb/pdb_get_set.c')
| -rw-r--r-- | source3/passdb/pdb_get_set.c | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 9f274594a34..74a71cbf04b 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -999,10 +999,6 @@ bool pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext) { uchar new_lanman_p16[LM_HASH_LEN]; uchar new_nt_p16[NT_HASH_LEN]; - uchar *pwhistory; - uint32_t pwHistLen; - uint32_t current_history_len; - const uint8_t *current_history; if (!plaintext) return False; @@ -1032,6 +1028,21 @@ bool pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext) if (!pdb_set_pass_last_set_time (sampass, time(NULL), PDB_CHANGED)) return False; + + return pdb_update_history(sampass, new_nt_p16); +} + +/********************************************************************* + Update password history after change + ********************************************************************/ + +bool pdb_update_history(struct samu *sampass, const uint8_t new_nt[NT_HASH_LEN]) +{ + uchar *pwhistory; + uint32_t pwHistLen; + uint32_t current_history_len; + const uint8_t *current_history; + if ((pdb_get_acct_ctrl(sampass) & ACB_NORMAL) == 0) { /* * No password history for non-user accounts @@ -1055,7 +1066,7 @@ bool pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext) */ current_history = pdb_get_pw_history(sampass, ¤t_history_len); if ((current_history_len != 0) && (current_history == NULL)) { - DEBUG(1, ("pdb_set_plaintext_passwd: pwhistory == NULL!\n")); + DEBUG(1, ("pdb_update_history: pwhistory == NULL!\n")); return false; } @@ -1096,11 +1107,12 @@ bool pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext) * The old format was to store the md5 hash of * the salt+newpw. */ - memcpy(&pwhistory[PW_HISTORY_SALT_LEN], new_nt_p16, SALTED_MD5_HASH_LEN); + memcpy(&pwhistory[PW_HISTORY_SALT_LEN], new_nt, SALTED_MD5_HASH_LEN); pdb_set_pw_history(sampass, pwhistory, pwHistLen, PDB_CHANGED); return True; + } /* check for any PDB_SET/CHANGED field and fill the appropriate mask bit */ |