|
|
b6b438 |
From f1fe9abde9375d06cd4b6f0265ee1af483bbfd14 Mon Sep 17 00:00:00 2001
|
|
|
b6b438 |
From: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
Date: Wed, 15 May 2019 08:46:56 +0200
|
|
|
b6b438 |
Subject: [PATCH 203/208] s4:samdb: Allow to hash password using MD5 in samdb
|
|
|
b6b438 |
|
|
|
b6b438 |
Those passwords are stored in the local database.
|
|
|
b6b438 |
|
|
|
b6b438 |
Signed-off-by: Andreas Schneider <asn@samba.org>
|
|
|
b6b438 |
---
|
|
|
b6b438 |
source4/dsdb/samdb/ldb_modules/password_hash.c | 7 ++++++-
|
|
|
b6b438 |
1 file changed, 6 insertions(+), 1 deletion(-)
|
|
|
b6b438 |
|
|
|
b6b438 |
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
|
|
|
b6b438 |
index 006e35c46d5..1e94bb8f01c 100644
|
|
|
b6b438 |
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
|
|
|
b6b438 |
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
|
|
|
b6b438 |
@@ -48,7 +48,7 @@
|
|
|
b6b438 |
#include "auth/common_auth.h"
|
|
|
b6b438 |
#include "lib/messaging/messaging.h"
|
|
|
b6b438 |
|
|
|
b6b438 |
-#include <gnutls/gnutls.h>
|
|
|
b6b438 |
+#include "lib/crypto/gnutls_helpers.h"
|
|
|
b6b438 |
#include <gnutls/crypto.h>
|
|
|
b6b438 |
|
|
|
b6b438 |
#ifdef ENABLE_GPGME
|
|
|
b6b438 |
@@ -1372,6 +1372,8 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io,
|
|
|
b6b438 |
for (i=0; i < ARRAY_SIZE(wdigest); i++) {
|
|
|
b6b438 |
gnutls_hash_hd_t hash_hnd = NULL;
|
|
|
b6b438 |
|
|
|
b6b438 |
+ GNUTLS_FIPS140_SET_LAX_MODE();
|
|
|
b6b438 |
+
|
|
|
b6b438 |
rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5);
|
|
|
b6b438 |
if (rc < 0) {
|
|
|
b6b438 |
rc = ldb_oom(ldb);
|
|
|
b6b438 |
@@ -1436,10 +1438,13 @@ static int setup_primary_wdigest(struct setup_password_fields_io *io,
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
gnutls_hash_deinit(hash_hnd, pdb->hashes[i].hash);
|
|
|
b6b438 |
+
|
|
|
b6b438 |
+ GNUTLS_FIPS140_SET_STRICT_MODE();
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
rc = LDB_SUCCESS;
|
|
|
b6b438 |
out:
|
|
|
b6b438 |
+ GNUTLS_FIPS140_SET_STRICT_MODE();
|
|
|
b6b438 |
return rc;
|
|
|
b6b438 |
}
|
|
|
b6b438 |
|
|
|
b6b438 |
--
|
|
|
b6b438 |
2.23.0
|
|
|
b6b438 |
|