git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ecdd133)
password_hash: check the SUPPLEMENTAL_CREDENTIALS_SIGNATURE
authorStefan Metzmacher <metze@samba.org>
Wed, 23 Jul 2008 11:31:14 +0000 (13:31 +0200)
committerStefan Metzmacher <metze@samba.org>
Wed, 23 Jul 2008 12:46:08 +0000 (14:46 +0200)
metze
(This used to be commit 19b8c8e37bafab050ab61266c35006efada2947c)

source4/dsdb/samdb/ldb_modules/password_hash.c patch | blob | history

diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index e1490099481c8238b616d3b1627a4300c1829f1f..59ec18e5463554a63c8373bc77e86396bd750a4a 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -876,7 +876,9 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
 
        /* if there's an old supplementaCredentials blob then parse it */
        if (io->o.supplemental) {
-               ndr_err = ndr_pull_struct_blob_all(io->o.supplemental, io->ac, lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")), &_old_scb,
+               ndr_err = ndr_pull_struct_blob_all(io->o.supplemental, io->ac,
+                                                  lp_iconv_convenience(ldb_get_opaque(io->ac->module->ldb, "loadparm")),
+                                                  &_old_scb,
                                                   (ndr_pull_flags_fn_t)ndr_pull_supplementalCredentialsBlob);
                if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
                        NTSTATUS status = ndr_map_error2ntstatus(ndr_err);
@@ -887,7 +889,14 @@ static int setup_supplemental_field(struct setup_password_fields_io *io)
                        return LDB_ERR_OPERATIONS_ERROR;
                }
 
-               old_scb = &_old_scb;
+               if (_old_scb.sub.signature == SUPPLEMENTAL_CREDENTIALS_SIGNATURE) {
+                       old_scb = &_old_scb;
+               } else {
+                       ldb_debug(io->ac->module->ldb, LDB_DEBUG_ERROR,
+                                              "setup_supplemental_field: "
+                                              "supplementalCredentialsBlob signature[0x%04X] expected[0x%04X]",
+                                              _old_scb.sub.signature, SUPPLEMENTAL_CREDENTIALS_SIGNATURE);
+               }
        }
 
        if (io->domain->store_cleartext &&
Samba Shared Repository