svn commit: samba r1764 - trunk/source/utils

Thu, 12 Aug 2004 00:06:01 -0700 

Author: mimir
Date: 2004-08-12 07:05:50 +0000 (Thu, 12 Aug 2004)
New Revision: 1764
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/&rev=1764&nolog=1
Log:
Passwords are hashed now in pdbedit code just before calling
passdb backend functions.


rafal


Modified:
   trunk/source/utils/pdbedit.c

Changeset:
Modified: trunk/source/utils/pdbedit.c
===================================================================
--- trunk/source/utils/pdbedit.c        2004-08-12 07:04:40 UTC (rev 1763)
+++ trunk/source/utils/pdbedit.c        2004-08-12 07:05:50 UTC (rev 1764)
@@ -734,6 +734,8 @@
        NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
        smb_ucs2_t *uni_name = NULL;
        char *givenpass;
+       fstring password;
+       uchar nthash[16];
        time_t lct;
        
        if (!dom_name) return -1;
@@ -774,8 +776,19 @@
                
        /* password */
        givenpass = getpass("password:");
-       memset(trust.private.pass, '\0', FSTRING_LEN);
-       strncpy(trust.private.pass, givenpass, FSTRING_LEN);
+       memset(password, '\0', sizeof(password));
+       memset(trust.private.pass, '\0', sizeof(trust.private.pass));
+       strncpy(password, givenpass, FSTRING_LEN);
+
+       /* trust password is either in hashed form (NT) or plaintext (ADS)
+          so let's prepare one */
+       if (trust.private.flags & PASS_TRUST_NT) {
+               E_md4hash(password, nthash);
+               pdb_sethexpwd(trust.private.pass, nthash, 0);
+
+       } else if (trust.private.flags & PASS_TRUST_ADS) {
+               strncpy(trust.private.pass, password, sizeof(trust.private.pass));
+       }       
        
        /* last change time */
        lct = time(NULL);
@@ -816,6 +829,8 @@
        NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
        smb_ucs2_t *uni_name = NULL;
        char *givenpass = NULL;
+       fstring password;
+       uchar nthash[16];
        time_t lct;
 
        if (!dom_name) return -1;
@@ -842,11 +857,20 @@
 
        /* password */
        givenpass = getpass("password (type Enter to leave it untouched):");
-       if (strlen(givenpass))
-               strncpy(trust.private.pass, givenpass, FSTRING_LEN);
-       else
-               trust.private.pass[0] = '\0';
+       memset(password, '\0', sizeof(password));
+       memset(trust.private.pass, '\0', sizeof(trust.private.pass));
+       strncpy(password, givenpass, FSTRING_LEN);
 
+       /* trust password is either in hashed form (NT) or plaintext (ADS)
+          so let's prepare one */
+       if (trust.private.flags & PASS_TRUST_NT) {
+               E_md4hash(password, nthash);
+               pdb_sethexpwd(trust.private.pass, nthash, 0);
+
+       } else if (trust.private.flags & PASS_TRUST_ADS) {
+               strncpy(trust.private.pass, password, sizeof(trust.private.pass));
+       }       
+
        /* last change time */
        lct = time(NULL);
        trust.private.mod_time = lct;

Reply via email to