summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-11-11 17:59:16 +1100
committerAndrew Bartlett <abartlet@samba.org>2010-11-11 09:55:06 +0000
commit01d10c84134341c17e7b41e42bac8368c26d1201 (patch)
tree189d88e3f745cd692ab7f34c8aa79ff0099ba2b1
parentbb241f5cf8424c2576d5bc33ac149e5720b82068 (diff)
downloadsamba-01d10c84134341c17e7b41e42bac8368c26d1201.tar.gz
samba-01d10c84134341c17e7b41e42bac8368c26d1201.tar.bz2
samba-01d10c84134341c17e7b41e42bac8368c26d1201.zip
s4-dsdb Return an error if we can't convert UTF16MUNGED -> UTF8
The UTF16MUNGED helper will map all invalid sequences (except odd input length) to valid input sequences, per the rules. Therefore if it fails, we need to bail out, somehing serious is wrong. Andrew Bartlett
-rw-r--r--source4/dsdb/samdb/ldb_modules/password_hash.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/password_hash.c b/source4/dsdb/samdb/ldb_modules/password_hash.c
index 9b6cf8cd35..acf48d31f9 100644
--- a/source4/dsdb/samdb/ldb_modules/password_hash.c
+++ b/source4/dsdb/samdb/ldb_modules/password_hash.c
@@ -1325,8 +1325,12 @@ static int setup_given_passwords(struct setup_password_fields_io *io,
g->cleartext_utf16->length,
(void *)&cleartext_utf8_str,
&converted_pw_len, false)) {
- /* We can't bail out entirely, as these unconvertable passwords are frustratingly valid */
+ /* We must bail out here, the input wasn't even a multiple of 2 bytes */
talloc_free(cleartext_utf8_blob);
+ ldb_asprintf_errstring(ldb,
+ "setup_password_fields: "
+ "UTF16 password for user %s had odd length (length must be a multiple of 2)", io->u.sAMAccountName);
+ return LDB_ERR_OPERATIONS_ERROR;
} else {
*cleartext_utf8_blob = data_blob_const(cleartext_utf8_str,
converted_pw_len);