rpms / samba

Clone
Source Code
GIT

Blame SOURCES/0203-s4-samdb-Allow-to-hash-password-using-MD5-in-samdb.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c7-sig-storage-samba-411 c8 c8-beta c8-sig-storage-samba-411 c8-sig-storage-samba-412 c8-sig-storage-samba-413 c8-sig-storage-samba-414 c8-sig-storage-samba-415 c8s c8s-sig-storage-samba-413 c8s-sig-storage-samba-414 c8s-sig-storage-samba-415 c8s-sig-storage-samba-416 c8s-sig-storage-samba-417 c8s-sig-storage-samba-418 c8s-sig-storage-samba-419 c8s-sig-storage-samba-420 c9 c9-beta c9s-sig-storage-samba-414 c9s-sig-storage-samba-415 c9s-sig-storage-samba-416 c9s-sig-storage-samba-417 c9s-sig-storage-samba-418 c9s-sig-storage-samba-419 c9s-sig-storage-samba-420 c9s-sig-storage-samba-421
  1.   8683206b0a75e122dc03b497e4a663ac3491c75e
  2.   SOURCES
  3.   0203-s4-samdb-Allow-to-hash-password-using-MD5-in-samdb.patch
Blob History Raw
b6b438 
From f1fe9abde9375d06cd4b6f0265ee1af483bbfd14 Mon Sep 17 00:00:00 2001
b6b438 
From: Andreas Schneider <asn@samba.org>
b6b438 
Date: Wed, 15 May 2019 08:46:56 +0200
b6b438 
Subject: [PATCH 203/208] s4:samdb: Allow to hash password using MD5 in samdb
b6b438
b6b438 
Those passwords are stored in the local database.
b6b438
b6b438 
Signed-off-by: Andreas Schneider <asn@samba.org>
b6b438 
---
b6b438 
 source4/dsdb/samdb/ldb_modules/password_hash.c | 7 ++++++-
b6b438 
 1 file changed, 6 insertions(+), 1 deletion(-)
b6b438
b6b438 
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
b6b438 
index 006e35c46d5..1e94bb8f01c 100644
b6b438 
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
b6b438 
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
b6b438 
@@ -48,7 +48,7 @@
b6b438 
 #include "auth/common_auth.h"
b6b438 
 #include "lib/messaging/messaging.h"
b6b438
b6b438 
-#include <gnutls/gnutls.h>
b6b438 
+#include "lib/crypto/gnutls_helpers.h"
b6b438 
 #include <gnutls/crypto.h>
b6b438
b6b438 
 #ifdef ENABLE_GPGME
b6b438 
@@ -1372,6 +1372,8 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io,
b6b438 
 	for (i=0; i < ARRAY_SIZE(wdigest); i++) {
b6b438 
 		gnutls_hash_hd_t hash_hnd = NULL;
b6b438
b6b438 
+		GNUTLS_FIPS140_SET_LAX_MODE();
b6b438 
+
b6b438 
 		rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
b6b438 
 		if (rc < 0) {
b6b438 
 			rc = ldb_oom(ldb);
b6b438 
@@ -1436,10 +1438,13 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io,
b6b438 
 		}
b6b438
b6b438 
 		gnutls_hash_deinit(hash_hnd, pdb->hashes[i].hash);
b6b438 
+
b6b438 
+		GNUTLS_FIPS140_SET_STRICT_MODE();
b6b438 
 	}
b6b438
b6b438 
 	rc = LDB_SUCCESS;
b6b438 
 out:
b6b438 
+	GNUTLS_FIPS140_SET_STRICT_MODE();
b6b438 
 	return rc;
b6b438 
 }
b6b438
b6b438 
--
b6b438 
2.23.0
b6b438

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation