The First Necessary UNICODE String Support.

the random workstation trust account password is TOTAL garbage.  i mean,
complete garbage.  it's nowhere CLOSE to being a UNICODE string.  therefore
we can't just take every second character.

created nt_owf_genW() which creates NT#(password) instead of NT#(Unicode(pw)).
followed through to the password setting in srv_samr.c
(This used to be commit 172601b84ae94044b27ded917d4e0e21e47a5a66)

3 files changed, 83 insertions, 32 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 35ac728921..2b2a85ed4e 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -838,8 +838,11 @@ void sam_pwd_hash(uint32 rid, const uchar *in, uchar *out, int forw);
 void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24);
 void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24);
 void E_md4hash(uchar *passwd, uchar *p16);
+void lm_owf_genW(const UNISTR2 *pwd, uchar p16[16]);
 void lm_owf_gen(const char *pwd, uchar p16[16]);
+void nt_owf_genW(const UNISTR2 *pwd, uchar nt_p16[16]);
 void nt_owf_gen(const char *pwd, uchar nt_p16[16]);
+void nt_lm_owf_genW(const UNISTR2 *pwd, uchar nt_p16[16], uchar lm_p16[16]);
 void nt_lm_owf_gen(const char *pwd, uchar nt_p16[16], uchar lm_p16[16]);
 void SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]);
 void SMBOWFencrypt_ntv2(const uchar kr[16], 
@@ -861,7 +864,7 @@ void create_ntlmssp_resp(struct pwd_info *pwd,
 				uint32 ntlmssp_cli_flgs,
                                 prs_struct *auth_resp);
 BOOL decode_pw_buffer(const char buffer[516], char *new_passwd,
-			int new_passwd_size, BOOL nt_pass_set);
+			int new_passwd_size, uint32 *new_pw_len);
 BOOL encode_pw_buffer(char buffer[516], const char *new_pass,
 			int new_pw_len, BOOL nt_pass_set);
 
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 46e979fd18..659dba6562 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -133,6 +133,35 @@ void E_md4hash(uchar *passwd, uchar *p16)
 }
 
 /* Does the LM owf of a user's password */
+void lm_owf_genW(const UNISTR2 *pwd, uchar p16[16])
+{
+	char passwd[15];
+
+	memset(passwd,'\0',15);
+	if (pwd != NULL)
+	{
+		unistr2_to_ascii( passwd, pwd, sizeof(passwd)-1);
+	}
+
+	/* Mangle the passwords into Lanman format */
+	passwd[14] = '\0';
+	strupper(passwd);
+
+	/* Calculate the SMB (lanman) hash functions of the password */
+
+	memset(p16, '\0', 16);
+	E_P16((uchar *) passwd, (uchar *)p16);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100,("nt_lm_owf_gen: pwd, lm#\n"));
+	dump_data(120, passwd, strlen(passwd));
+	dump_data(100, p16, 16);
+#endif
+	/* clear out local copy of user's password (just being paranoid). */
+	bzero(passwd, sizeof(passwd));
+}
+
+/* Does the LM owf of a user's password */
 void lm_owf_gen(const char *pwd, uchar p16[16])
 {
 	char passwd[15];
@@ -162,6 +191,30 @@ void lm_owf_gen(const char *pwd, uchar p16[16])
 }
 
 /* Does both the NT and LM owfs of a user's password */
+void nt_owf_genW(const UNISTR2 *pwd, uchar nt_p16[16])
+{
+	UNISTR2 passwd;
+
+	memset(&passwd,'\0',sizeof(passwd));
+	if (pwd != NULL)
+	{
+		copy_unistr2(&passwd, pwd);
+	}
+
+	/* Calculate the MD4 hash (NT compatible) of the password */
+	memset(nt_p16, '\0', 16);
+	mdfour(nt_p16, (unsigned char *)passwd.buffer, passwd.uni_str_len * 2);
+
+#ifdef DEBUG_PASSWORD
+	DEBUG(100,("nt_owf_gen: pwd, nt#\n"));
+	dump_data(120, (const char*)passwd.buffer, passwd.uni_str_len * 2);
+	dump_data(100, nt_p16, 16);
+#endif
+	/* clear out local copy of user's password (just being paranoid). */
+	memset(&passwd, 0, sizeof(passwd));
+}
+
+/* Does both the NT and LM owfs of a user's password */
 void nt_owf_gen(const char *pwd, uchar nt_p16[16])
 {
 	char passwd[130];
@@ -177,7 +230,7 @@ void nt_owf_gen(const char *pwd, uchar nt_p16[16])
 	E_md4hash((uchar *)passwd, nt_p16);
 
 #ifdef DEBUG_PASSWORD
-	DEBUG(100,("nt_lm_owf_gen: pwd, nt#\n"));
+	DEBUG(100,("nt_owf_gen: pwd, nt#\n"));
 	dump_data(120, passwd, strlen(passwd));
 	dump_data(100, nt_p16, 16);
 #endif
@@ -185,6 +238,13 @@ void nt_owf_gen(const char *pwd, uchar nt_p16[16])
 	bzero(passwd, sizeof(passwd));
 }
 
+/* Does both the NT and LM owfs of a user's UNICODE password */
+void nt_lm_owf_genW(const UNISTR2 *pwd, uchar nt_p16[16], uchar lm_p16[16])
+{
+	nt_owf_genW(pwd, nt_p16);
+	lm_owf_genW(pwd, lm_p16);
+}
+
 /* Does both the NT and LM owfs of a user's password */
 void nt_lm_owf_gen(const char *pwd, uchar nt_p16[16], uchar lm_p16[16])
 {
@@ -434,39 +494,27 @@ void create_ntlmssp_resp(struct pwd_info *pwd,
  decode a password buffer
 ************************************************************/
 BOOL decode_pw_buffer(const char buffer[516], char *new_passwd,
-			int new_passwd_size, BOOL nt_pass_set)
+			int new_passwd_size, uint32 *new_pw_len)
 {
 	/* 
 	 * The length of the new password is in the last 4 bytes of
 	 * the data buffer.
 	 */
 
-	uint32 new_pw_len = IVAL(buffer, 512);
+	(*new_pw_len) = IVAL(buffer, 512);
 
 #ifdef DEBUG_PASSWORD
 	dump_data(100, buffer, 516);
 #endif
 
-	if (new_pw_len < 0 || new_pw_len > new_passwd_size - 1)
+	if ((*new_pw_len) < 0 || (*new_pw_len) > new_passwd_size - 1)
 	{
-		DEBUG(0,("check_oem_password: incorrect password length (%d).\n", new_pw_len));
+		DEBUG(0,("check_oem_password: incorrect password length (%d).\n", (*new_pw_len)));
 		return False;
 	}
 
-	if (nt_pass_set)
-	{
-		/*
-		 * nt passwords are in unicode
-		 */
-		int uni_pw_len = new_pw_len;
-		new_pw_len /= 2;
-		unibuf_to_ascii(new_passwd, &buffer[512-uni_pw_len], new_pw_len);
-	}
-	else
-	{
-		memcpy(new_passwd, &buffer[512-new_pw_len], new_pw_len);
-		new_passwd[new_pw_len] = '\0';
-	}
+	memcpy(new_passwd, &buffer[512-(*new_pw_len)], (*new_pw_len));
+	new_passwd[(*new_pw_len)] = '\0';
 
 	return True;
 }
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index a220e38b07..e55a6b2ce8 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -2052,7 +2052,8 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid)
 	struct sam_passwd new_pwd;
 	static uchar nt_hash[16];
 	static uchar lm_hash[16];
-	pstring new_pw;
+	UNISTR2 new_pw;
+	uint32 len;
 
 	if (pwd == NULL)
 	{
@@ -2062,16 +2063,15 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid)
 	pwdb_init_sam(&new_pwd);
 	copy_sam_passwd(&new_pwd, pwd);
 
-	if (!decode_pw_buffer(id24->pass, new_pw, sizeof(new_pw), True))
+	if (!decode_pw_buffer(id24->pass, (char *)new_pw.buffer, 256, &len))
 	{
 		return False;
 	}
 
-#ifdef DEBUG_PASSWORD
-	DEBUG(0,("New Password: %s\n", new_pw));
-#endif
+	new_pw.uni_max_len = len / 2;
+	new_pw.uni_str_len = len / 2;
 
-	nt_lm_owf_gen(new_pw, nt_hash, lm_hash);
+	nt_lm_owf_genW(&new_pw, nt_hash, lm_hash);
 
 	new_pwd.smb_passwd    = lm_hash;
 	new_pwd.smb_nt_passwd = nt_hash;
@@ -2088,7 +2088,8 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
 	struct sam_passwd new_pwd;
 	static uchar nt_hash[16];
 	static uchar lm_hash[16];
-	pstring new_pw;
+	UNISTR2 new_pw;
+	uint32 len;
 
 	if (id23 == NULL)
 	{
@@ -2104,16 +2105,15 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
 	copy_sam_passwd(&new_pwd, pwd);
 	copy_id23_to_sam_passwd(&new_pwd, id23);
 
-	if (!decode_pw_buffer(id23->pass, new_pw, sizeof(new_pw), True))
+	if (!decode_pw_buffer(id23->pass, (char*)new_pw.buffer, 256, &len))
 	{
 		return False;
 	}
 
-#ifdef DEBUG_PASSWORD
-	DEBUG(0,("New Password: %s\n", new_pw));
-#endif
+	new_pw.uni_max_len = len / 2;
+	new_pw.uni_str_len = len / 2;
 
-	nt_lm_owf_gen(new_pw, nt_hash, lm_hash);
+	nt_lm_owf_genW(&new_pw, nt_hash, lm_hash);
 
 	new_pwd.smb_passwd    = lm_hash;
 	new_pwd.smb_nt_passwd = nt_hash;