summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2010-05-11 02:24:43 +0200
committerGünther Deschner <gd@samba.org>2010-05-26 22:15:51 +0200
commit7fa2129db665331dcfd2f1849220ea3278252ce3 (patch)
treec375674d47fa750f3bbe1b55c0fdf1e710be1cb1
parenta17203ba651eb643580e98aa67955eb23a374a3e (diff)
downloadsamba-7fa2129db665331dcfd2f1849220ea3278252ce3.tar.gz
samba-7fa2129db665331dcfd2f1849220ea3278252ce3.tar.bz2
samba-7fa2129db665331dcfd2f1849220ea3278252ce3.zip
s3-lanman: parse encrypted and min_pwd_length in api_SetUserPassword().
Guenther
-rw-r--r--source3/smbd/lanman.c28
1 files changed, 25 insertions, 3 deletions
diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c
index 26debc2963..8c4d60cef9 100644
--- a/source3/smbd/lanman.c
+++ b/source3/smbd/lanman.c
@@ -2840,6 +2840,8 @@ static bool api_SetUserPassword(connection_struct *conn,uint16 vuid,
struct samr_Password new_lm_hash;
int errcode = NERR_badpass;
uint32_t rid;
+ int encrypted;
+ int min_pwd_length;
/* Skip 2 strings. */
p = skip_string(param,tpscnt,np);
@@ -2872,6 +2874,18 @@ static bool api_SetUserPassword(connection_struct *conn,uint16 vuid,
memcpy(pass1,p,16);
memcpy(pass2,p+16,16);
+ encrypted = get_safe_SVAL(param,tpscnt,p+32,0,-1);
+ if (encrypted == -1) {
+ errcode = W_ERROR_V(WERR_INVALID_PARAM);
+ goto out;
+ }
+
+ min_pwd_length = get_safe_SVAL(param,tpscnt,p+34,0,-1);
+ if (min_pwd_length == -1) {
+ errcode = W_ERROR_V(WERR_INVALID_PARAM);
+ goto out;
+ }
+
*rparam_len = 4;
*rparam = smb_realloc_limit(*rparam,*rparam_len);
if (!*rparam) {
@@ -2880,7 +2894,8 @@ static bool api_SetUserPassword(connection_struct *conn,uint16 vuid,
*rdata_len = 0;
- DEBUG(3,("Set password for <%s>\n",user));
+ DEBUG(3,("Set password for <%s> (encrypted: %d, min_pwd_length: %d)\n",
+ user, encrypted, min_pwd_length));
ZERO_STRUCT(connect_handle);
ZERO_STRUCT(domain_handle);
@@ -2966,8 +2981,15 @@ static bool api_SetUserPassword(connection_struct *conn,uint16 vuid,
goto out;
}
- E_deshash(pass1, old_lm_hash.hash);
- E_deshash(pass2, new_lm_hash.hash);
+ if (encrypted == 0) {
+ E_deshash(pass1, old_lm_hash.hash);
+ E_deshash(pass2, new_lm_hash.hash);
+ } else {
+ ZERO_STRUCT(old_lm_hash);
+ ZERO_STRUCT(new_lm_hash);
+ memcpy(old_lm_hash.hash, pass1, MIN(strlen(pass1), 16));
+ memcpy(new_lm_hash.hash, pass1, MIN(strlen(pass2), 16));
+ }
status = rpccli_samr_ChangePasswordUser(cli, mem_ctx,
&user_handle,