summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/libsmb/smbencrypt.c59
-rw-r--r--source3/rpc_server/srv_samr_nt.c28
2 files changed, 21 insertions, 66 deletions
diff --git a/source3/libsmb/smbencrypt.c b/source3/libsmb/smbencrypt.c
index b6273dedfc..119490aa7f 100644
--- a/source3/libsmb/smbencrypt.c
+++ b/source3/libsmb/smbencrypt.c
@@ -292,16 +292,15 @@ BOOL encode_pw_buffer(char buffer[516], const char *new_pass,
/***********************************************************
decode a password buffer
+ *new_pw_len is the length in bytes of the possibly mulitbyte
+ returned password including termination.
************************************************************/
BOOL decode_pw_buffer(char in_buffer[516], char *new_pwrd,
- int new_pwrd_size, uint32 *new_pw_len,
- uchar nt_p16[16], uchar p16[16])
+ int new_pwrd_size, uint32 *new_pw_len)
{
- int uni_pw_len=0;
int byte_len=0;
char unicode_passwd[514];
char lm_ascii_passwd[514];
- char passwd[514];
/*
Warning !!! : This function is called from some rpc call.
@@ -310,13 +309,6 @@ BOOL decode_pw_buffer(char in_buffer[516], char *new_pwrd,
If you reuse that code somewhere else check first.
*/
- ZERO_STRUCT(unicode_passwd);
- ZERO_STRUCT(lm_ascii_passwd);
- ZERO_STRUCT(passwd);
-
- memset(nt_p16, '\0', 16);
- memset(p16, '\0', 16);
-
/* The length of the new password is in the last 4 bytes of the data buffer. */
byte_len = IVAL(in_buffer, 512);
@@ -328,50 +320,19 @@ BOOL decode_pw_buffer(char in_buffer[516], char *new_pwrd,
/* Password cannot be longer than 128 characters */
if ( (byte_len < 0) || (byte_len > new_pwrd_size - 1)) {
DEBUG(0, ("decode_pw_buffer: incorrect password length (%d).\n", byte_len));
+ DEBUG(0, ("decode_pw_buffer: check that 'encrypt passwords = yes'\n"));
return False;
}
-
- pull_string(NULL, passwd, &in_buffer[512 - byte_len], -1, byte_len, STR_UNICODE);
- uni_pw_len = byte_len/2;
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("nt_lm_owf_gen: passwd: "));
- dump_data(100, (char *)passwd, uni_pw_len);
- DEBUG(100,("len:%d\n", uni_pw_len));
-#endif
- memcpy(unicode_passwd, &in_buffer[512 - byte_len], byte_len);
-
- mdfour(nt_p16, (unsigned char *)unicode_passwd, byte_len);
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("nt_lm_owf_gen: nt#:"));
- dump_data(100, (char *)nt_p16, 16);
- DEBUG(100,("\n"));
-#endif
-
- /* Mangle the passwords into Lanman format */
- memcpy(lm_ascii_passwd, passwd, byte_len/2);
- lm_ascii_passwd[14] = '\0';
- strupper(lm_ascii_passwd);
- /* Calculate the SMB (lanman) hash functions of the password */
- E_P16((uchar *) lm_ascii_passwd, (uchar *)p16);
+ /* decode into the return buffer. Buffer must be a pstring */
+ *new_pw_len = pull_string(NULL, new_pwrd, &in_buffer[512 - byte_len], new_pwrd_size, byte_len, STR_UNICODE);
#ifdef DEBUG_PASSWORD
- DEBUG(100,("nt_lm_owf_gen: lm#:"));
- dump_data(100, (char *)p16, 16);
- DEBUG(100,("\n"));
+ DEBUG(100,("decode_pw_buffer: new_pwrd: "));
+ dump_data(100, (char *)new_pwrd, *new_pw_len);
+ DEBUG(100,("multibyte len:%d\n", *new_pw_len));
+ DEBUG(100,("original char len:%d\n", byte_len/2));
#endif
-
- /* copy the password and it's length to the return buffer */
- *new_pw_len = byte_len/2;
- memcpy(new_pwrd, passwd, uni_pw_len);
- new_pwrd[uni_pw_len]='\0';
-
- /* clear out local copy of user's password (just being paranoid). */
- ZERO_STRUCT(unicode_passwd);
- ZERO_STRUCT(lm_ascii_passwd);
- ZERO_STRUCT(passwd);
return True;
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 4ffd1c85b5..4290e24395 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2339,9 +2339,7 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
{
SAM_ACCOUNT *pwd = NULL;
SAM_ACCOUNT *new_pwd = NULL;
- uint8 nt_hash[16];
- uint8 lm_hash[16];
- pstring buf;
+ pstring plaintext_buf;
uint32 len;
uint16 acct_ctrl;
@@ -2366,13 +2364,12 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
copy_id23_to_sam_passwd(new_pwd, id23);
- if (!decode_pw_buffer((char*)id23->pass, buf, 256, &len, nt_hash, lm_hash)) {
+ if (!decode_pw_buffer((char*)id23->pass, plaintext_buf, 256, &len)) {
pdb_free_sam(new_pwd);
return False;
}
- pdb_set_lanman_passwd (new_pwd, lm_hash);
- pdb_set_nt_passwd (new_pwd, nt_hash);
+ pdb_set_plaintext_passwd (new_pwd, plaintext_buf);
/* if it's a trust account, don't update /etc/passwd */
if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
@@ -2382,13 +2379,13 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
} else {
/* update the UNIX password */
if (lp_unix_password_sync() )
- if(!chgpasswd(pdb_get_username(new_pwd), "", buf, True)) {
+ if(!chgpasswd(pdb_get_username(new_pwd), "", plaintext_buf, True)) {
pdb_free_sam(new_pwd);
return False;
}
}
- memset(buf, 0, sizeof(buf));
+ ZERO_STRUCT(plaintext_buf);
if(!pdb_update_sam_account(new_pwd, True)) {
pdb_free_sam(new_pwd);
@@ -2407,10 +2404,8 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid)
static BOOL set_user_info_pw(char *pass, uint32 rid)
{
SAM_ACCOUNT *pwd = NULL;
- uchar nt_hash[16];
- uchar lm_hash[16];
uint32 len;
- pstring buf;
+ pstring plaintext_buf;
uint16 acct_ctrl;
pdb_init_sam(&pwd);
@@ -2422,15 +2417,14 @@ static BOOL set_user_info_pw(char *pass, uint32 rid)
acct_ctrl = pdb_get_acct_ctrl(pwd);
- memset(buf, 0, sizeof(buf));
+ ZERO_STRUCT(plaintext_buf);
- if (!decode_pw_buffer(pass, buf, 256, &len, nt_hash, lm_hash)) {
+ if (!decode_pw_buffer(pass, plaintext_buf, 256, &len)) {
pdb_free_sam(pwd);
return False;
}
- pdb_set_lanman_passwd (pwd, lm_hash);
- pdb_set_nt_passwd (pwd, nt_hash);
+ pdb_set_plaintext_passwd (pwd, plaintext_buf);
/* if it's a trust account, don't update /etc/passwd */
if ( ( (acct_ctrl & ACB_DOMTRUST) == ACB_DOMTRUST ) ||
@@ -2440,13 +2434,13 @@ static BOOL set_user_info_pw(char *pass, uint32 rid)
} else {
/* update the UNIX password */
if (lp_unix_password_sync())
- if(!chgpasswd(pdb_get_username(pwd), "", buf, True)) {
+ if(!chgpasswd(pdb_get_username(pwd), "", plaintext_buf, True)) {
pdb_free_sam(pwd);
return False;
}
}
- memset(buf, 0, sizeof(buf));
+ ZERO_STRUCT(plaintext_buf);
DEBUG(5,("set_user_info_pw: pdb_update_sam_account()\n"));