CVS update: samba/source/auth

Andrew Bartlett abartlet at samba.org
Sat Sep 28 22:50:07 EST 2002 

Andrew Bartlett wrote:
> 
> Volker Lendecke wrote:
> >
> > On Fri, Sep 27, 2002 at 07:56:20PM -0400, abartlet at samba.org wrote:
> > > Back our volker's patch as was breaking the build.
> >
> > Sorry for breaking it. On my machine it compiled well
> 
> Not as actually commited - you had an undeclared variable in there.
> 
> >, I even tested against
> > smbclient, NT4 and W2k. At least on Linux with shadow passwords you do not get
> > the password salt from /etc/passwd but from /etc/shadow. On my machine an 'x'
> > ended up in the salt, which was definitely not what crypt wanted to see.
> >
> > What kind of fix do you propose? Changing to a default of encrypted passwords
> > should IMHO not mean we do not support plaintext at all anymore.
> 
> I don't mind fixing it - I was mainly worried about the compile
> failure.  Things that don't compile don't ususally look tested ;-)
> 
> I also just want to look over it carefully, as much for my own benifit
> in understanding this crazy stuff.

How is this for a better patch?

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
? auth/auth_ntlmssp.c
Index: auth/pass_check.c
===================================================================
RCS file: /data/cvs/samba/source/auth/pass_check.c,v
retrieving revision 1.34
diff -u -r1.34 pass_check.c
--- auth/pass_check.c	27 Sep 2002 23:56:20 -0000	1.34
+++ auth/pass_check.c	28 Sep 2002 12:48:37 -0000
@@ -634,6 +634,7 @@
 	/* Also the place to keep the 'password' no matter what
 	   crazy struct it started in... */
 	fstrcpy(this_crypted, pass->pw_passwd);
+	fstrcpy(this_salt, pass->pw_passwd);
 
 #ifdef HAVE_GETSPNAM
 	{
@@ -645,8 +646,10 @@
 		   perhaps for IPC password changing requests */
 
 		spass = getspnam(pass->pw_name);
-		if (spass && spass->sp_pwdp)
+		if (spass && spass->sp_pwdp) {
 			fstrcpy(this_crypted, spass->sp_pwdp);
+			fstrcpy(this_salt, spass->sp_pwdp);
+		}
 	}
 #elif defined(IA_UINFO)
 	{
@@ -703,9 +706,6 @@
 		}
 	}
 #endif
-
-	/* extract relevant info */
-	fstrcpy(this_salt, pass->pw_passwd);
 
 #if defined(HAVE_TRUNCATED_SALT)
 	/* crypt on some platforms (HPUX in particular)

More information about the samba-cvs mailing list