From baf13627d2bc6ade8cb6c05c6ada027fde601844 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Mon, 18 Nov 2019 10:21:06 +0100 Subject: [PATCH 156/187] s3:rpc_server: Replace E_md5hash() with GnuTLS calls BUG: https://bugzilla.samba.org/show_bug.cgi?id=14195 Signed-off-by: Andreas Schneider Reviewed-by: Andrew Bartlett (cherry picked from commit a377214dce2e9d71f880949fe745d799c75f57a9) --- source3/rpc_server/samr/srv_samr_chgpasswd.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/source3/rpc_server/samr/srv_samr_chgpasswd.c b/source3/rpc_server/samr/srv_samr_chgpasswd.c index fc509494ebc..8c9cf73bdd8 100644 --- a/source3/rpc_server/samr/srv_samr_chgpasswd.c +++ b/source3/rpc_server/samr/srv_samr_chgpasswd.c @@ -901,11 +901,29 @@ static bool password_in_history(uint8_t nt_pw[NT_HASH_LEN], return true; } } else { + gnutls_hash_hd_t hash_hnd = NULL; + int rc; + /* * Old format: md5sum of salted nt hash. * Create salted version of new pw to compare. */ - E_md5hash(current_salt, nt_pw, new_nt_pw_salted_md5_hash); + rc = gnutls_hash_init(&hash_hnd, GNUTLS_DIG_MD5); + if (rc < 0) { + return false; + } + + rc = gnutls_hash(hash_hnd, current_salt, 16); + if (rc < 0) { + gnutls_hash_deinit(hash_hnd, NULL); + return false; + } + rc = gnutls_hash(hash_hnd, nt_pw, 16); + if (rc < 0) { + gnutls_hash_deinit(hash_hnd, NULL); + return false; + } + gnutls_hash_deinit(hash_hnd, new_nt_pw_salted_md5_hash); if (memcmp(new_nt_pw_salted_md5_hash, old_nt_pw_salted_md5_hash, -- 2.23.0