Author: mimir Date: 2004-08-12 07:05:50 +0000 (Thu, 12 Aug 2004) New Revision: 1764 WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/&rev=1764&nolog=1 Log: Passwords are hashed now in pdbedit code just before calling passdb backend functions.
rafal Modified: trunk/source/utils/pdbedit.c Changeset: Modified: trunk/source/utils/pdbedit.c =================================================================== --- trunk/source/utils/pdbedit.c 2004-08-12 07:04:40 UTC (rev 1763) +++ trunk/source/utils/pdbedit.c 2004-08-12 07:05:50 UTC (rev 1764) @@ -734,6 +734,8 @@ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; smb_ucs2_t *uni_name = NULL; char *givenpass; + fstring password; + uchar nthash[16]; time_t lct; if (!dom_name) return -1; @@ -774,8 +776,19 @@ /* password */ givenpass = getpass("password:"); - memset(trust.private.pass, '\0', FSTRING_LEN); - strncpy(trust.private.pass, givenpass, FSTRING_LEN); + memset(password, '\0', sizeof(password)); + memset(trust.private.pass, '\0', sizeof(trust.private.pass)); + strncpy(password, givenpass, FSTRING_LEN); + + /* trust password is either in hashed form (NT) or plaintext (ADS) + so let's prepare one */ + if (trust.private.flags & PASS_TRUST_NT) { + E_md4hash(password, nthash); + pdb_sethexpwd(trust.private.pass, nthash, 0); + + } else if (trust.private.flags & PASS_TRUST_ADS) { + strncpy(trust.private.pass, password, sizeof(trust.private.pass)); + } /* last change time */ lct = time(NULL); @@ -816,6 +829,8 @@ NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; smb_ucs2_t *uni_name = NULL; char *givenpass = NULL; + fstring password; + uchar nthash[16]; time_t lct; if (!dom_name) return -1; @@ -842,11 +857,20 @@ /* password */ givenpass = getpass("password (type Enter to leave it untouched):"); - if (strlen(givenpass)) - strncpy(trust.private.pass, givenpass, FSTRING_LEN); - else - trust.private.pass[0] = '\0'; + memset(password, '\0', sizeof(password)); + memset(trust.private.pass, '\0', sizeof(trust.private.pass)); + strncpy(password, givenpass, FSTRING_LEN); + /* trust password is either in hashed form (NT) or plaintext (ADS) + so let's prepare one */ + if (trust.private.flags & PASS_TRUST_NT) { + E_md4hash(password, nthash); + pdb_sethexpwd(trust.private.pass, nthash, 0); + + } else if (trust.private.flags & PASS_TRUST_ADS) { + strncpy(trust.private.pass, password, sizeof(trust.private.pass)); + } + /* last change time */ lct = time(NULL); trust.private.mod_time = lct;