From e6397bef88675acc61c1020ac0d5dc848a99beeb Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 5 Jan 2010 18:28:48 +0100 Subject: [PATCH] s3:passdb: store the plain nt passwords hashes in history, not salted md5 This is in order to be able to do challenge response with the history, so that this can be checked when an invalid password was entered: If the given password is wrong but in the history, then the bad password count should not be updated... The "lucky" bit here is that the md5 has and the nt hash (md4) both are 16 bytes long. This is part of the fix for bug #4347 . Michael (cherry picked from commit d909861c64cf874b1625039b0e1eace507a29b28) --- source3/passdb/pdb_get_set.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index 447854bc26b..74ed018d2ed 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -1069,15 +1069,20 @@ bool pdb_set_plaintext_passwd(struct samu *sampass, const char *plaintext) } /* - * Create the new salt as the first part of the history entry. + * Fill the salt area with 0-s: this indicates that + * a plain nt hash is stored in the has area. + * The old format was to store a 16 byte salt and + * then an md5hash of the nt_hash concatenated with + * the salt. */ - generate_random_buffer(pwhistory, PW_HISTORY_SALT_LEN); + memset(pwhistory, 0, PW_HISTORY_SALT_LEN); /* - * Generate the md5 hash of the salt+new password as the - * second part of the history entry. + * Store the plain nt hash in the second 16 bytes. + * The old format was to store the md5 hash of + * the salt+newpw. */ - E_md5hash(pwhistory, new_nt_p16, &pwhistory[PW_HISTORY_SALT_LEN]); + memcpy(&pwhistory[PW_HISTORY_SALT_LEN], new_nt_p16, SALTED_MD5_HASH_LEN); pdb_set_pw_history(sampass, pwhistory, pwHistLen, PDB_CHANGED); -- 2.11.4.GIT