Changeset 228 for branches/samba-3.2.x/source/libnet/libnet_samsync.c

Timestamp:

May 26, 2009, 9:44:50 AM (17 years ago)

Author:

Herwig Bauernfeind

Message:

Update 3.2 branch to 3.2.6

File:

• branches/samba-3.2.x/source/libnet/libnet_samsync.c (modified) (7 diffs)

branches/samba-3.2.x/source/libnet/libnet_samsync.c

@@ -33 +33 @@
 static NTSTATUS fix_user(TALLOC_CTX *mem_ctx,
                          DATA_BLOB *session_key,
-                         bool rid_crypt,
                          enum netr_SamDatabaseID database_id,
                          struct netr_DELTA_ENUM *delta)
@@ -42 +41 @@
         struct samr_Password lm_hash;
         struct samr_Password nt_hash;
+
 
-        if (rid_crypt) {
-                if (user->lm_password_present) {
+        memset(zero_buf, '\0', sizeof(zero_buf));
+
+        /* Note that win2000 may send us all zeros
+         * for the hashes if it doesn't
+         * think this channel is secure enough. */
+        if (user->lm_password_present) {
+                if (memcmp(user->lmpassword.hash, zero_buf, 16) != 0) {
                         sam_pwd_hash(rid, user->lmpassword.hash, lm_hash.hash, 0);
-                        user->lmpassword = lm_hash;
+                } else {
+                        memset(lm_hash.hash, '\0', sizeof(lm_hash.hash));
                 }
+
+
 
-                if (user->nt_password_present) {
+        if (user->nt_password_present) {
+                if (memcmp(user->ntpassword.hash, zero_buf, 16) != 0) {
                         sam_pwd_hash(rid, user->ntpassword.hash, nt_hash.hash, 0);
-                        user->ntpassword = nt_hash;
+                } else {
+                        memset(nt_hash.hash, '\0', sizeof(nt_hash.hash));
                 }
+
         }
 
@@ -72 +83 @@
                 }
 
+
+
+
                 if (keys.keys.keys2.lmpassword.length == 16) {
-                        if (rid_crypt) {
+                        if (memcmp(keys.keys.keys2.lmpassword.pwd.hash,
+                                                zero_buf, 16) != 0) {
                                 sam_pwd_hash(rid,
                                              keys.keys.keys2.lmpassword.pwd.hash,
                                              lm_hash.hash, 0);
-                                user->lmpassword = lm_hash;
                         } else {
-                                user->lmpassword = keys.keys.keys2.lmpassword.pwd;
+                                ;
                         }
+
                         user->lm_password_present = true;
                 }
                 if (keys.keys.keys2.ntpassword.length == 16) {
-                        if (rid_crypt) {
+                        if (memcmp(keys.keys.keys2.ntpassword.pwd.hash,
+                                                zero_buf, 16) != 0) {
                                 sam_pwd_hash(rid,
-                                             keys.keys.keys2.ntpassword.pwd.hash,
-                                             nt_hash.hash, 0);
-                                user->ntpassword = nt_hash;
+                                        keys.keys.keys2.ntpassword.pwd.hash,
+                                        nt_hash.hash, 0);
                         } else {
-                                user->ntpassword = keys.keys.keys2.ntpassword.pwd;
+                                ;
                         }
+
                         user->nt_password_present = true;
                 }
@@ -129 +145 @@
 static NTSTATUS samsync_fix_delta(TALLOC_CTX *mem_ctx,
                                   DATA_BLOB *session_key,
-                                  bool rid_crypt,
                                   enum netr_SamDatabaseID database_id,
                                   struct netr_DELTA_ENUM *delta)
@@ -140 +155 @@
                         status = fix_user(mem_ctx,
                                           session_key,
-                                          rid_crypt,
                                           database_id,
                                           delta);