From: Andrew Tridgell Date: Fri, 26 Nov 2004 05:58:03 +0000 (+0000) Subject: r3977: fixed the lmPwdHash change in the rpc server (we were not fetching the X-Git-Tag: samba-misc-tags/initial-v4-0-unstable~10750 X-Git-Url: http://git.samba.org/?p=samba.git;a=commitdiff_plain;h=27e7fb3bafe4649359e2e68169b6f10fd4d2cc70 r3977: fixed the lmPwdHash change in the rpc server (we were not fetching the lm hash from the samdb, and thus not checking the verifier) fixed the client side to calculate the lm verifier based on the nt hash, not the lm hash (confirmed using w2k3) --- diff --git a/source/rpc_server/samr/samr_password.c b/source/rpc_server/samr/samr_password.c index 787061602c9..a3a1d2230f8 100644 --- a/source/rpc_server/samr/samr_password.c +++ b/source/rpc_server/samr/samr_password.c @@ -251,7 +251,7 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call, const char *user_dn, *domain_dn = NULL; int ret; struct ldb_message **res, mod; - const char * const attrs[] = { "objectSid", "ntPwdHash", "unicodePwd", NULL }; + const char * const attrs[] = { "objectSid", "ntPwdHash", "lmPwdHash", "unicodePwd", NULL }; const char * const dom_attrs[] = { "minPwdLength", "pwdHistoryLength", "pwdProperties", "minPwdAge", "maxPwdAge", NULL }; diff --git a/source/torture/rpc/samr.c b/source/torture/rpc/samr.c index a4eb1de1425..370f309b6c8 100644 --- a/source/torture/rpc/samr.c +++ b/source/torture/rpc/samr.c @@ -1036,7 +1036,7 @@ static BOOL test_ChangePasswordUser2(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, encode_pw_buffer(lm_pass.data, newpass, STR_ASCII|STR_TERMINATE); arcfour_crypt(lm_pass.data, old_lm_hash, 516); - E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash); + E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash); encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE); arcfour_crypt(nt_pass.data, old_nt_hash, 516); @@ -1091,7 +1091,7 @@ static BOOL test_ChangePasswordUser3(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, encode_pw_buffer(lm_pass.data, newpass, STR_UNICODE); arcfour_crypt(lm_pass.data, old_nt_hash, 516); - E_old_pw_hash(new_lm_hash, old_lm_hash, lm_verifier.hash); + E_old_pw_hash(new_nt_hash, old_lm_hash, lm_verifier.hash); encode_pw_buffer(nt_pass.data, newpass, STR_UNICODE); arcfour_crypt(nt_pass.data, old_nt_hash, 516);