svn commit: samba r3954 - in branches/SAMBA_3_0/source/smbd: .

tridge at samba.org tridge at samba.org
Thu Nov 25 04:10:20 GMT 2004 

Author: tridge
Date: 2004-11-25 04:10:19 +0000 (Thu, 25 Nov 2004)
New Revision: 3954

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=3954

Log:
bring Samba3 into line with the Samba4 password change code



Modified:
   branches/SAMBA_3_0/source/smbd/chgpasswd.c


Changeset:
Modified: branches/SAMBA_3_0/source/smbd/chgpasswd.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/chgpasswd.c	2004-11-25 04:01:31 UTC (rev 3953)
+++ branches/SAMBA_3_0/source/smbd/chgpasswd.c	2004-11-25 04:10:19 UTC (rev 3954)
@@ -753,9 +753,8 @@
 	uint16 acct_ctrl;
 	uint32 new_pw_len;
 	uchar new_nt_hash[16];
-	uchar old_nt_hash_plain[16];
 	uchar new_lm_hash[16];
-	uchar old_lm_hash_plain[16];
+	uchar verifier[16];
 	char no_pw[2];
 	BOOL ret;
 
@@ -784,7 +783,7 @@
 		return NT_STATUS_ACCOUNT_DISABLED;
 	}
 
-	if (acct_ctrl & ACB_PWNOTREQ && lp_null_passwords()) {
+	if ((acct_ctrl & ACB_PWNOTREQ) && lp_null_passwords()) {
 		/* construct a null password (in case one is needed */
 		no_pw[0] = 0;
 		no_pw[1] = 0;
@@ -854,12 +853,10 @@
 
 		if (nt_pw) {
 			/*
-			 * Now use new_nt_hash as the key to see if the old
-			 * password matches.
+			 * check the NT verifier
 			 */
-			D_P16(new_nt_hash, old_nt_hash_encrypted, old_nt_hash_plain);
-			
-			if (memcmp(nt_pw, old_nt_hash_plain, 16)) {
+			E_old_pw_hash(new_nt_hash, nt_pw, verifier);
+			if (memcmp(verifier, old_nt_hash_encrypted, 16)) {
 				DEBUG(0,("check_oem_password: old lm password doesn't match.\n"));
 				pdb_free_sam(&sampass);
 				return NT_STATUS_WRONG_PASSWORD;
@@ -884,12 +881,10 @@
 		
 		if (lanman_pw) {
 			/*
-			 * Now use new_nt_hash as the key to see if the old
-			 * LM password matches.
+			 * check the lm verifier
 			 */
-			D_P16(new_nt_hash, old_lm_hash_encrypted, old_lm_hash_plain);
-			
-			if (memcmp(lanman_pw, old_lm_hash_plain, 16)) {
+			E_old_pw_hash(new_nt_hash, lanman_pw, verifier);
+			if (memcmp(verifier, old_lm_hash_encrypted, 16)) {
 				DEBUG(0,("check_oem_password: old lm password doesn't match.\n"));
 				pdb_free_sam(&sampass);
 				return NT_STATUS_WRONG_PASSWORD;
@@ -908,12 +903,10 @@
 		E_deshash(new_passwd, new_lm_hash);
 
 		/*
-		 * Now use new_lm_hash as the key to see if the old
-		 * password matches.
+		 * check the lm verifier
 		 */
-		D_P16(new_lm_hash, old_lm_hash_encrypted, old_lm_hash_plain);
-		
-		if (memcmp(lanman_pw, old_lm_hash_plain, 16)) {
+		E_old_pw_hash(new_lm_hash, lanman_pw, verifier);
+		if (memcmp(verifier, old_lm_hash_encrypted, 16)) {
 			DEBUG(0,("check_oem_password: old lm password doesn't match.\n"));
 			pdb_free_sam(&sampass);
 			return NT_STATUS_WRONG_PASSWORD;

More information about the samba-cvs mailing list