svn commit: samba r1764 - trunk/source/utils

mimir at samba.org mimir at samba.org
Thu Aug 12 07:05:51 GMT 2004 

Author: mimir
Date: 2004-08-12 07:05:50 +0000 (Thu, 12 Aug 2004)
New Revision: 1764
WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba&path=/&rev=1764&nolog=1
Log:
Passwords are hashed now in pdbedit code just before calling
passdb backend functions.


rafal


Modified:
   trunk/source/utils/pdbedit.c

Changeset:
Modified: trunk/source/utils/pdbedit.c
===================================================================
--- trunk/source/utils/pdbedit.c	2004-08-12 07:04:40 UTC (rev 1763)
+++ trunk/source/utils/pdbedit.c	2004-08-12 07:05:50 UTC (rev 1764)
@@ -734,6 +734,8 @@
 	NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
 	smb_ucs2_t *uni_name = NULL;
 	char *givenpass;
+	fstring password;
+	uchar nthash[16];
 	time_t lct;
 	
 	if (!dom_name) return -1;
@@ -774,8 +776,19 @@
 		
 	/* password */
 	givenpass = getpass("password:");
-	memset(trust.private.pass, '\0', FSTRING_LEN);
-	strncpy(trust.private.pass, givenpass, FSTRING_LEN);
+	memset(password, '\0', sizeof(password));
+	memset(trust.private.pass, '\0', sizeof(trust.private.pass));
+	strncpy(password, givenpass, FSTRING_LEN);
+
+	/* trust password is either in hashed form (NT) or plaintext (ADS)
+	   so let's prepare one */
+	if (trust.private.flags & PASS_TRUST_NT) {
+		E_md4hash(password, nthash);
+		pdb_sethexpwd(trust.private.pass, nthash, 0);
+
+	} else if (trust.private.flags & PASS_TRUST_ADS) {
+		strncpy(trust.private.pass, password, sizeof(trust.private.pass));
+	}	
 	
 	/* last change time */
 	lct = time(NULL);
@@ -816,6 +829,8 @@
 	NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
 	smb_ucs2_t *uni_name = NULL;
 	char *givenpass = NULL;
+	fstring password;
+	uchar nthash[16];
 	time_t lct;
 
 	if (!dom_name) return -1;
@@ -842,11 +857,20 @@
 
 	/* password */
 	givenpass = getpass("password (type Enter to leave it untouched):");
-	if (strlen(givenpass))
-		strncpy(trust.private.pass, givenpass, FSTRING_LEN);
-	else
-		trust.private.pass[0] = '\0';
+	memset(password, '\0', sizeof(password));
+	memset(trust.private.pass, '\0', sizeof(trust.private.pass));
+	strncpy(password, givenpass, FSTRING_LEN);
 
+	/* trust password is either in hashed form (NT) or plaintext (ADS)
+	   so let's prepare one */
+	if (trust.private.flags & PASS_TRUST_NT) {
+		E_md4hash(password, nthash);
+		pdb_sethexpwd(trust.private.pass, nthash, 0);
+
+	} else if (trust.private.flags & PASS_TRUST_ADS) {
+		strncpy(trust.private.pass, password, sizeof(trust.private.pass));
+	}	
+
 	/* last change time */
 	lct = time(NULL);
 	trust.private.mod_time = lct;

More information about the samba-cvs mailing list