user password changes failing due to RPC bind authentication failing
Gerald (Jerry) Carter
jerry at samba.org
Mon Jul 3 14:37:44 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
https://bugzilla.samba.org/show_bug.cgi?id=3908
Simple fix. Just wrap the auth_ntlmssp_update() call in a
{become,unbecome}_root() block. Otherwise, smbd cannot access
the user's password to verify the bind.
Do any of the NTLMSSP gurus see a problem with this?
(patch attached).
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFEqSu4IR7qMdg1EfYRAtuuAKCt1u2QnHnCMUeG2lIA7duNCgwe9wCguEny
U2vWmnSgJSaWA7kLE4X8trs=
=oDz9
-----END PGP SIGNATURE-----
-------------- next part --------------
=== modified file 'source/rpc_server/srv_pipe.c'
--- source/rpc_server/srv_pipe.c
+++ source/rpc_server/srv_pipe.c
@@ -620,7 +620,10 @@
p->pipe_user.ut.ngroups = 0;
SAFE_FREE( p->pipe_user.ut.groups);
+ /* this has to be done as root in order to verify the password */
+ become_root();
status = auth_ntlmssp_update(a, *p_resp_blob, &reply);
+ unbecome_root();
/* Don't generate a reply. */
data_blob_free(&reply);
More information about the samba-technical
mailing list