pwhistory = new_history;
}
- if (pwhistory != NULL) {
- /*
- * Make room for the new password in the history list.
- */
- if (pwHistLen > 1) {
- memmove(&pwhistory[PW_HISTORY_ENTRY_LEN], pwhistory,
- (pwHistLen-1)*PW_HISTORY_ENTRY_LEN );
- }
- /*
- * Create the new salt as the first part of the
- * history entry.
- */
- generate_random_buffer(pwhistory, PW_HISTORY_SALT_LEN);
+ /*
+ * Make room for the new password in the history list.
+ */
+ if (pwHistLen > 1) {
+ memmove(&pwhistory[PW_HISTORY_ENTRY_LEN], pwhistory,
+ (pwHistLen-1)*PW_HISTORY_ENTRY_LEN );
+ }
- /*
- * Generate the md5 hash of the salt+new password as
- * the second part of the history entry.
- */
+ /*
+ * Fill the salt area with 0-s: this indicates that
+ * a plain nt hash is stored in the has area.
+ * The old format was to store a 16 byte salt and
+ * then an md5hash of the nt_hash concatenated with
+ * the salt.
+ */
+ memset(pwhistory, 0, PW_HISTORY_SALT_LEN);
+
+ /*
+ * Store the plain nt hash in the second 16 bytes.
+ * The old format was to store the md5 hash of
+ * the salt+newpw.
+ */
+ memcpy(&pwhistory[PW_HISTORY_SALT_LEN], new_nt_p16, SALTED_MD5_HASH_LEN);
+
+ pdb_set_pw_history(sampass, pwhistory, pwHistLen, PDB_CHANGED);
- E_md5hash(pwhistory, new_nt_p16,
- &pwhistory[PW_HISTORY_SALT_LEN]);
- pdb_set_pw_history(sampass, pwhistory, pwHistLen, PDB_CHANGED);
- } else {
- DEBUG (10,("pdb_get_set.c: pdb_set_plaintext_passwd: "
- "pwhistory was NULL!\n"));
- }
return True;
}