diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2008-10-16 12:48:16 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2008-10-16 12:48:16 +1100 |
| commit | 7c88ea8aadfc2be0726cbe555543cfab8804c470 (patch) | |
| tree | 56f84c94f69e06880c6ad416117f0a1d7e7f5882 /source4/rpc_server/lsa | |
| parent | fc54ca014b21b655b643697475c6a0c05e773fc4 (diff) | |
| download | samba-7c88ea8aadfc2be0726cbe555543cfab8804c470.tar.gz samba-7c88ea8aadfc2be0726cbe555543cfab8804c470.tar.bz2 samba-7c88ea8aadfc2be0726cbe555543cfab8804c470.zip | |
Create a 'straight paper path' for UTF16 passwords.
This uses a virtual attribute 'clearTextPassword' (name chosen to
match references in MS-SAMR) that contains the length-limited blob
containing an allegidly UTF16 password. This ensures we do no
validation or filtering of the password before we get a chance to MD4
it. We can then do the required munging into UTF8, and in future
implement the rules Microsoft has provided us with for invalid inputs.
All layers in the process now deal with the strings as length-limited
inputs, incluing the krb5 string2key calls.
This commit also includes a small change to samdb_result_passwords()
to ensure that LM passwords are not returned to the application logic
if LM authentication is disabled.
The objectClass module has been modified to allow the
clearTextPassword attribute to pass down the stack.
Andrew Bartlett
Diffstat (limited to 'source4/rpc_server/lsa')
| -rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 21 |
1 files changed, 8 insertions, 13 deletions
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 9cda7d0d89..4c596f1f03 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -968,19 +968,14 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc mem_ctx, msg_user, "unicodePwd", &auth_struct.incoming.current[i]->AuthInfo.nt4owf.password); } else if (auth_struct.incoming.current[i]->AuthType == TRUST_AUTH_TYPE_CLEAR) { - struct samr_Password hash; -/* - . We cannot do this, as windows chooses to send in random passwords here, that won't convert to UTF8 - samdb_msg_add_string(trusted_domain_state->policy->sam_ldb, - mem_ctx, msg_user, "userPassword", - auth_struct.incoming.current->array[i].AuthInfo.clear.password); -*/ - mdfour(hash.hash, auth_struct.incoming.current[i]->AuthInfo.clear.password, - auth_struct.incoming.current[i]->AuthInfo.clear.size); - samdb_msg_add_hash(trusted_domain_state->policy->sam_ldb, - mem_ctx, msg_user, "unicodePwd", - &hash); - } + DATA_BLOB new_password = data_blob_const(auth_struct.incoming.current[i]->AuthInfo.clear.password, + auth_struct.incoming.current[i]->AuthInfo.clear.size); + ret = ldb_msg_add_value(msg_user, "clearTextPassword", &new_password, NULL); + if (ret != LDB_SUCCESS) { + ldb_transaction_cancel(policy_state->sam_ldb); + return NT_STATUS_NO_MEMORY; + } + } } } |