summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/rpc_server/srv_samr_nt.c57
1 files changed, 53 insertions, 4 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index c60d904b18..a4bfe73f1c 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -3667,8 +3667,9 @@ static bool set_user_info_20(struct samr_UserInfo20 *id20,
set_user_info_21
********************************************************************/
-static NTSTATUS set_user_info_21(TALLOC_CTX *mem_ctx,
- struct samr_UserInfo21 *id21,
+static NTSTATUS set_user_info_21(struct samr_UserInfo21 *id21,
+ TALLOC_CTX *mem_ctx,
+ DATA_BLOB *session_key,
struct samu *pwd)
{
NTSTATUS status;
@@ -3686,6 +3687,52 @@ static NTSTATUS set_user_info_21(TALLOC_CTX *mem_ctx,
return NT_STATUS_ACCESS_DENIED;
}
+ if (id21->fields_present & SAMR_FIELD_NT_PASSWORD_PRESENT) {
+ if (id21->nt_password_set) {
+ DATA_BLOB in, out;
+
+ if ((id21->nt_owf_password.length != 16) ||
+ (id21->nt_owf_password.size != 16)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!session_key->length) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ in = data_blob_const(id21->nt_owf_password.array, 16);
+ out = data_blob_talloc_zero(mem_ctx, 16);
+
+ sess_crypt_blob(&out, &in, session_key, false);
+
+ pdb_set_nt_passwd(pwd, out.data, PDB_CHANGED);
+ pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
+ }
+ }
+
+ if (id21->fields_present & SAMR_FIELD_LM_PASSWORD_PRESENT) {
+ if (id21->lm_password_set) {
+ DATA_BLOB in, out;
+
+ if ((id21->lm_owf_password.length != 16) ||
+ (id21->lm_owf_password.size != 16)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!session_key->length) {
+ return NT_STATUS_NO_USER_SESSION_KEY;
+ }
+
+ in = data_blob_const(id21->lm_owf_password.array, 16);
+ out = data_blob_talloc_zero(mem_ctx, 16);
+
+ sess_crypt_blob(&out, &in, session_key, false);
+
+ pdb_set_lanman_passwd(pwd, out.data, PDB_CHANGED);
+ pdb_set_pass_last_set_time(pwd, time(NULL), PDB_CHANGED);
+ }
+ }
+
/* we need to separately check for an account rename first */
if (id21->account_name.string &&
@@ -4147,8 +4194,10 @@ NTSTATUS _samr_SetUserInfo(pipes_struct *p,
break;
case 21:
- status = set_user_info_21(p->mem_ctx,
- &info->info21, pwd);
+ status = set_user_info_21(&info->info21,
+ p->mem_ctx,
+ &p->server_info->user_session_key,
+ pwd);
break;
case 23: