-rw-r--r--source3/include/proto.h5
-rw-r--r--source3/libsmb/smbencrypt.c86
-rw-r--r--source3/rpc_server/srv_samr.c24
3 files changed, 83 insertions, 32 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 35ac728921..2b2a85ed4e 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -838,8 +838,11 @@ void sam_pwd_hash(uint32 rid, const uchar *in, uchar *out, int forw);
void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24);
void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24);
void E_md4hash(uchar *passwd, uchar *p16);
+void lm_owf_genW(const UNISTR2 *pwd, uchar p16[16]);
void lm_owf_gen(const char *pwd, uchar p16[16]);
+void nt_owf_genW(const UNISTR2 *pwd, uchar nt_p16[16]);
void nt_owf_gen(const char *pwd, uchar nt_p16[16]);
+void nt_lm_owf_genW(const UNISTR2 *pwd, uchar nt_p16[16], uchar lm_p16[16]);
void nt_lm_owf_gen(const char *pwd, uchar nt_p16[16], uchar lm_p16[16]);
void SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]);
void SMBOWFencrypt_ntv2(const uchar kr[16],
@@ -861,7 +864,7 @@ void create_ntlmssp_resp(struct pwd_info *pwd,
uint32 ntlmssp_cli_flgs,
prs_struct *auth_resp);
BOOL decode_pw_buffer(const char buffer[516], char *new_passwd,
- int new_passwd_size, BOOL nt_pass_set);
+ int new_passwd_size, uint32 *new_pw_len);
BOOL encode_pw_buffer(char buffer[516], const char *new_pass,
int new_pw_len, BOOL nt_pass_set);
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index 46e979fd18..659dba6562 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -133,6 +133,35 @@ void E_md4hash(uchar *passwd, uchar *p16)
}
/* Does the LM owf of a user's password */
+void lm_owf_genW(const UNISTR2 *pwd, uchar p16[16])
+{
+ char passwd[15];
+
+ memset(passwd,'\0',15);
+ if (pwd != NULL)
+ {
+ unistr2_to_ascii( passwd, pwd, sizeof(passwd)-1);
+ }
+
+ /* Mangle the passwords into Lanman format */
+ passwd[14] = '\0';
+ strupper(passwd);
+
+ /* Calculate the SMB (lanman) hash functions of the password */
+
+ memset(p16, '\0', 16);
+ E_P16((uchar *) passwd, (uchar *)p16);
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("nt_lm_owf_gen: pwd, lm#\n"));
+ dump_data(120, passwd, strlen(passwd));
+ dump_data(100, p16, 16);
+#endif
+ /* clear out local copy of user's password (just being paranoid). */
+ bzero(passwd, sizeof(passwd));
+}
+
+/* Does the LM owf of a user's password */
void lm_owf_gen(const char *pwd, uchar p16[16])
{
char passwd[15];
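Review bot: The closing `bzero(passwd, sizeof(passwd));` in lm_owf_genW writes to a local that is never read again, so an optimising compiler may drop it and leave the upper-cased password on the stack; the same holds for the closing `memset(&passwd, 0, sizeof(passwd));` in nt_owf_genW in the next hunk. Both should go through a wipe the compiler cannot elide, for example a small helper that writes through a `volatile` pointer, or `explicit_bzero` where the platform provides it. Separately, the debug line in the new function still reads `nt_lm_owf_gen: pwd, lm#`; `DEBUG(100,("lm_owf_genW: pwd, lm#\n"));` would keep DEBUG_PASSWORD traces attributable to the right routine. The lm_owf_gen body that follows continues outside the hunk.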
@@ -162,6 +191,30 @@ void lm_owf_gen(const char *pwd, uchar p16[16])
}
/* Does both the NT and LM owfs of a user's password */
+void nt_owf_genW(const UNISTR2 *pwd, uchar nt_p16[16])
+{
+ UNISTR2 passwd;
+
+ memset(&passwd,'\0',sizeof(passwd));
+ if (pwd != NULL)
+ {
+ copy_unistr2(&passwd, pwd);
+ }
+
+ /* Calculate the MD4 hash (NT compatible) of the password */
+ memset(nt_p16, '\0', 16);
+ mdfour(nt_p16, (unsigned char *)passwd.buffer, passwd.uni_str_len * 2);
+
+#ifdef DEBUG_PASSWORD
+ DEBUG(100,("nt_owf_gen: pwd, nt#\n"));
+ dump_data(120, (const char*)passwd.buffer, passwd.uni_str_len * 2);
+ dump_data(100, nt_p16, 16);
+#endif
+ /* clear out local copy of user's password (just being paranoid). */
+ memset(&passwd, 0, sizeof(passwd));
+}
+
+/* Does both the NT and LM owfs of a user's password */
void nt_owf_gen(const char *pwd, uchar nt_p16[16])
{
char passwd[130];
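Review bot: nt_owf_genW hashes `passwd.uni_str_len * 2` bytes from `passwd.buffer` without comparing that length to the buffer's capacity, so the bound rests entirely on copy_unistr2 (not visible here) and on every caller having set `uni_str_len` correctly. Because the function returns void it cannot report a bad length, so the check is best placed in the callers, or as a clamp just before mdfour such as `if (passwd.uni_str_len > sizeof(passwd.buffer) / 2) passwd.uni_str_len = sizeof(passwd.buffer) / 2;` (assuming `buffer` is an inline array of 16-bit units; confirm against the UNISTR2 definition). The header comment was copied unchanged and should read `/* Does the NT owf of a user's UNICODE password */`. The nt_owf_gen body after the new function continues outside the hunk.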
@@ -177,7 +230,7 @@ void nt_owf_gen(const char *pwd, uchar nt_p16[16])
E_md4hash((uchar *)passwd, nt_p16);
#ifdef DEBUG_PASSWORD
- DEBUG(100,("nt_lm_owf_gen: pwd, nt#\n"));
+ DEBUG(100,("nt_owf_gen: pwd, nt#\n"));
dump_data(120, passwd, strlen(passwd));
dump_data(100, nt_p16, 16);
#endif
@@ -185,6 +238,13 @@ void nt_owf_gen(const char *pwd, uchar nt_p16[16])
bzero(passwd, sizeof(passwd));
}
+/* Does both the NT and LM owfs of a user's UNICODE password */
+void nt_lm_owf_genW(const UNISTR2 *pwd, uchar nt_p16[16], uchar lm_p16[16])
+{
+ nt_owf_genW(pwd, nt_p16);
+ lm_owf_genW(pwd, lm_p16);
+}
+
/* Does both the NT and LM owfs of a user's password */
void nt_lm_owf_gen(const char *pwd, uchar nt_p16[16], uchar lm_p16[16])
{
@@ -434,39 +494,27 @@ void create_ntlmssp_resp(struct pwd_info *pwd,
decode a password buffer
************************************************************/
BOOL decode_pw_buffer(const char buffer[516], char *new_passwd,
- int new_passwd_size, BOOL nt_pass_set)
+ int new_passwd_size, uint32 *new_pw_len)
{
/*
* The length of the new password is in the last 4 bytes of
* the data buffer.
*/
- uint32 new_pw_len = IVAL(buffer, 512);
+ (*new_pw_len) = IVAL(buffer, 512);
#ifdef DEBUG_PASSWORD
dump_data(100, buffer, 516);
#endif
- if (new_pw_len < 0 || new_pw_len > new_passwd_size - 1)
+ if ((*new_pw_len) < 0 || (*new_pw_len) > new_passwd_size - 1)
{
- DEBUG(0,("check_oem_password: incorrect password length (%d).\n", new_pw_len));
+ DEBUG(0,("check_oem_password: incorrect password length (%d).\n", (*new_pw_len)));
return False;
}
- if (nt_pass_set)
- {
- /*
- * nt passwords are in unicode
- */
- int uni_pw_len = new_pw_len;
- new_pw_len /= 2;
- unibuf_to_ascii(new_passwd, &buffer[512-uni_pw_len], new_pw_len);
- }
- else
- {
- memcpy(new_passwd, &buffer[512-new_pw_len], new_pw_len);
- new_passwd[new_pw_len] = '\0';
- }
+ memcpy(new_passwd, &buffer[512-(*new_pw_len)], (*new_pw_len));
+ new_passwd[(*new_pw_len)] = '\0';
return True;
}
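Review bot: The length check in decode_pw_buffer does not actually bound the copy by the 512-byte data area. `(*new_pw_len) < 0` can never be true for a uint32, and the upper bound compares that unsigned value with the signed `new_passwd_size - 1`, so a caller passing a size of 0, or any size above 513, lets `&buffer[512-(*new_pw_len)]` and the memcpy run outside `buffer` or `new_passwd`. Checking the wire value explicitly makes the function safe regardless of caller: `if (new_passwd_size < 1 || (*new_pw_len) > 512 || (*new_pw_len) > (uint32)(new_passwd_size - 1))`. The unvalidated length is also stored through `new_pw_len` before the check and the pointer is never tested for NULL; reading `IVAL(buffer, 512)` into a local and assigning `*new_pw_len` only on success would keep a rejected length away from the caller. The DEBUG format should use `%u` for the uint32 argument.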
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index a220e38b07..e55a6b2ce8 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -2052,7 +2052,8 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid)
struct sam_passwd new_pwd;
static uchar nt_hash[16];
static uchar lm_hash[16];
- pstring new_pw;
+ UNISTR2 new_pw;
+ uint32 len;
if (pwd == NULL)
{
@@ -2062,16 +2063,15 @@ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid)
pwdb_init_sam(&new_pwd);
copy_sam_passwd(&new_pwd, pwd);
- if (!decode_pw_buffer(id24->pass, new_pw, sizeof(new_pw), True))
+ if (!decode_pw_buffer(id24->pass, (char *)new_pw.buffer, 256, &len))
{
return False;
}
-#ifdef DEBUG_PASSWORD
- DEBUG(0,("New Password: %s\n", new_pw));
-#endif
+ new_pw.uni_max_len = len / 2;
+ new_pw.uni_str_len = len / 2;
- nt_lm_owf_gen(new_pw, nt_hash, lm_hash);
+ nt_lm_owf_genW(&new_pw, nt_hash, lm_hash);
new_pwd.smb_passwd = lm_hash;
new_pwd.smb_nt_passwd = nt_hash;
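Review bot: `new_pw` is an uninitialised stack UNISTR2 and only `uni_max_len` and `uni_str_len` are assigned before `nt_lm_owf_genW(&new_pw, nt_hash, lm_hash)`, so any other field copy_unistr2 reads, and the buffer bytes beyond `len`, are indeterminate; the set_user_info_23 hunk below repeats the same pattern. Zero it first with `memset(&new_pw, 0, sizeof(new_pw));` and replace the literal `256` with `sizeof(new_pw.buffer)` so the limit follows the real buffer size (assuming `buffer` is an inline array, as the cast suggests). An odd `len` is silently truncated by `len / 2`, so rejecting `len & 1` would avoid hashing a password that differs from what the client sent. The cleartext held in `new_pw` is not visibly wiped before return, though the function continues outside the hunk.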
@@ -2088,7 +2088,8 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
struct sam_passwd new_pwd;
static uchar nt_hash[16];
static uchar lm_hash[16];
- pstring new_pw;
+ UNISTR2 new_pw;
+ uint32 len;
if (id23 == NULL)
{
@@ -2104,16 +2105,15 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
copy_sam_passwd(&new_pwd, pwd);
copy_id23_to_sam_passwd(&new_pwd, id23);
- if (!decode_pw_buffer(id23->pass, new_pw, sizeof(new_pw), True))
+ if (!decode_pw_buffer(id23->pass, (char*)new_pw.buffer, 256, &len))
{
return False;
}
-#ifdef DEBUG_PASSWORD
- DEBUG(0,("New Password: %s\n", new_pw));
-#endif
+ new_pw.uni_max_len = len / 2;
+ new_pw.uni_str_len = len / 2;
- nt_lm_owf_gen(new_pw, nt_hash, lm_hash);
+ nt_lm_owf_genW(&new_pw, nt_hash, lm_hash);
new_pwd.smb_passwd = lm_hash;
new_pwd.smb_nt_passwd = nt_hash;