SF Bug #3003779 - Unable to check password for NT and LN samba hashed

htdocs/password_checker.php

@@ -18,6 +18,7 @@ $request['componentid'] = get_request('componentid','REQUEST');
 $request['hash'] = get_request('hash','REQUEST');
 $request['password'] = get_request('check_password','REQUEST');
 $request['action'] = get_request('action','REQUEST');
+$request['attribute'] = get_request('attr','REQUEST');
 
 if (get_request('base64','REQUEST')) {
 	$request['hash'] = base64_decode($request['hash']);
@@ -30,6 +31,7 @@ printf('<h3 class="subtitle">%s</h3>',_('Password Checker Tool'));
 
 echo '<form action="password_checker.php" method="post">';
 echo '<input type="hidden" name="action" value="compare" />';
+printf('<input type="hidden" name="attr" value="%s" />',$request['attribute']);
 
 echo '<table class="forminput" width="100%" border="0">';
 
@@ -53,7 +55,7 @@ echo '<td><input type="submit" value="Compare" />';
 if ($request['action'] == 'compare') {
 	echo '&nbsp;&nbsp;&nbsp;&nbsp;<b>';
 
-	if (password_check($request['hash'],$request['password']))
+	if (password_check($request['hash'],$request['password'],$request['attribute']))
 		printf('<span class="good">%s</span>',_('Passwords match!'));
 	else
 		printf('<span class="bad">%s</span>',_('Passwords do not match!'));

lib/TemplateRender.php

@@ -2376,9 +2376,9 @@ function deleteAttribute(attrName,friendlyName,i)
 		# Add the javascript so we can call check password later.
 		echo '
 <script type="text/javascript">
-	function passwordComparePopup(component_id) {
+	function passwordComparePopup(component_id,attr) {
 		mywindow = open(\'password_checker.php\',\'myname\',\'resizable=no,width=500,height=200,scrollbars=1\');
-		mywindow.location.href = \'password_checker.php?componentid=\'+component_id;
+		mywindow.location.href = \'password_checker.php?componentid=\'+component_id+\'&attr=\'+attr;
 		if (mywindow.opener == null) mywindow.opener = self;
 	}
 </script>';
@@ -2391,8 +2391,8 @@ function deleteAttribute(attrName,friendlyName,i)
 	protected function drawCheckLinkPasswordAttribute($attribute,$component_id) {
 		if (DEBUGTMP) printf('<font size=-2>%s</font><br />',__METHOD__);
 
-		printf('<small><a href="javascript:passwordComparePopup(\'%s\')">%s...</a></small><br />',
-			$component_id,_('Check password'));
+		printf('<small><a href="javascript:passwordComparePopup(\'%s\',\'%s\')">%s...</a></small><br />',
+			$component_id,$attribute->getName(),_('Check password'));
 	}
 
 	/** RANDOM PASSWORD **/

lib/functions.php

@@ -2198,10 +2198,30 @@ function password_hash($password_clear,$enc_type) {
  * @param String The password in clear text to test.
  * @return Boolean True if the clear password matches the hash, and false otherwise.
  */
-function password_check($cryptedpassword,$plainpassword) {
+function password_check($cryptedpassword,$plainpassword,$attribute='userpassword') {
 	if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
 		debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
 
+	if (in_array($attribute,array('sambalmpassword','sambantpassword'))) {
+		$smb = new smbHash;
+
+		switch($attribute) {
+			case 'sambalmpassword':
+				if (strcmp($smb->lmhash($plainpassword),$cryptedpassword) == 0)
+					return true;
+				else
+					return false;
+
+			case 'sambantpassword':
+				if (strcmp($smb->nthash($plainpassword),$cryptedpassword) == 0)
+					return true;
+				else
+					return false;
+		}
+
+		return false;
+	}
+
 	if (preg_match('/{([^}]+)}(.*)/',$cryptedpassword,$matches)) {
 		$cryptedpassword = $matches[2];
 		$cypher = strtolower($matches[1]);