From 1ea8ceac458501719a055700902d456304c4ee0a Mon Sep 17 00:00:00 2001
From: Jeremy Allison
Date: Sat, 17 Jan 1998 07:08:21 +0000
Subject: charcnv.c: Added codepage 866 support onto the file system. Patch from Max Khon . chgpasswd.c: Allow old RAP change password to work with encrypted passwords. Samba can now allow Windows 95/NT clients to securely change the Lanman password ! (But not the NT hash - that gets lost). ipc.c: smbdes.c: smbpass.c: Support for the above. server.c: #ifdef'ed out fix for NT redirector bug. util.c: Fix NIS bug with server name. Jeremy. (This used to be commit cd9fad92d0316e5a0007ba3c5668906dc2f011f1)
---
source3/smbd/chgpasswd.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++
source3/smbd/ipc.c | 30 ++++++++++++++---
source3/smbd/server.c | 7 ++++
3 files changed, 116 insertions(+), 4 deletions(-)
(limited to 'source3/smbd')
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index 17401410ce..1502cd1219 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -398,3 +398,86 @@ BOOL chgpasswd(char *name,char *oldpass,char *newpass)
 return(False);
 }
 #endif
+
+/***********************************************************
+ Code to check the lanman hashed password.
+************************************************************/
+
+BOOL check_lanman_password(char *user, unsigned char *pass1,
+ unsigned char *pass2, struct smb_passwd **psmbpw)
+{
+ unsigned char unenc_new_pw[16];
+ unsigned char unenc_old_pw[16];
+ struct smb_passwd *smbpw;
+
+ *psmbpw = NULL;
+
+ become_root(0);
+ smbpw = get_smbpwd_entry(user, 0);
+ unbecome_root(0);
+
+ if(smbpw == NULL)
+ {
+ DEBUG(0,("check_lanman_password: get_smbpwd_entry returned NULL\n"));
+ return False;
+ }
+
+ if(smbpw->smb_passwd == NULL)
+ {
+ DEBUG(0,("check_lanman_password: no lanman password !\n"));
+ return False;
+ }
+
+ /* Get the new lanman hash. */
+ D_P16(smbpw->smb_passwd, pass2, unenc_new_pw);
+
+ /* Use this to get the old lanman hash. */
+ D_P16(unenc_new_pw, pass1, unenc_old_pw);
+
+ /* Check that the two old passwords match. */
+ if(memcmp(smbpw->smb_passwd, unenc_old_pw, 16))
+ {
+ DEBUG(0,("check_lanman_password: old password doens't match.\n"));
+ return False;
+ }
+
+ *psmbpw = smbpw;
+ return True;
+}
+
+/***********************************************************
+ Code to change the lanman hashed password.
+ It nulls out the NT hashed password as it will
+ no longer be valid.
+************************************************************/
+
+BOOL change_lanman_password(struct smb_passwd *smbpw, char *pass1, char *pass2)
+{
+ char unenc_new_pw[16];
+ BOOL ret;
+
+ if(smbpw == NULL)
+ {
+ DEBUG(0,("change_lanman_password: get_smbpwd_entry returned NULL\n"));
+ return False;
+ }
+
+ if(smbpw->smb_passwd == NULL)
+ {
+ DEBUG(0,("change_lanman_password: no lanman password !\n"));
+ return False;
+ }
+
+ /* Get the new lanman hash. */
+ D_P16(smbpw->smb_passwd, pass2, unenc_new_pw);
+
+ smbpw->smb_passwd = unenc_new_pw;
+ smbpw->smb_nt_passwd = NULL; /* We lose the NT hash. Sorry. */
+
+ /* Now write it into the file. */
+ become_root(0);
+ ret = mod_smbpwd_entry(smbpw);
+ unbecome_root(0);
+
+ return ret;
+}
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index ee2aec8c22..e3db823a9d 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -1141,7 +1141,7 @@ static BOOL api_RNetServerEnum(int cnum, uint16 vuid, char *param, char *data,
 uint32 servertype = IVAL(p,4);
 char *p2;
 int data_len, fixed_len, string_len;
- int f_len, s_len;
+ int f_len = 0, s_len = 0;
 struct srv_info_struct *servers=NULL;
 int counted=0,total=0;
 int i,missed;
@@ -1421,7 +1421,7 @@ static BOOL api_RNetShareEnum(int cnum,uint16 vuid, char *param,char *data,
 int total=0,counted=0;
 int i;
 int data_len, fixed_len, string_len;
- int f_len, s_len;
+ int f_len = 0, s_len = 0;
 if (!prefix_ok(str1,"WrLeh")) return False;
 if (!check_share_info(uLevel,str2)) return False;
@@ -1532,8 +1532,8 @@ static BOOL api_SetUserPassword(int cnum,uint16 vuid, char *param,char *data,
 p = skip_string(p,1);
- StrnCpy(pass1,p,16);
- StrnCpy(pass2,p+16,16);
+ memcpy(pass1,p,16);
+ memcpy(pass2,p+16,16);
 *rparam_len = 4;
 *rparam = REALLOC(*rparam,*rparam_len);
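Review bot: In `change_lanman_password`, `smbpw->smb_passwd = unenc_new_pw;` stores the address of a stack array in a structure the caller owns, so once the function returns that field points at dead stack memory. Nothing in this hunk shows who reads the entry afterwards, but the pointer should not outlive the buffer: reset it before returning, e.g. `smbpw->smb_passwd = NULL;` after `unbecome_root(0);`, or copy the 16 bytes into storage that lives as long as the entry. The decrypted hashes in `unenc_new_pw` and `unenc_old_pw` are also left on the stack in both functions and should be cleared before each return. The `smbpw == NULL` message in `change_lanman_password` still reads `get_smbpwd_entry returned NULL`, copied from the function above it.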
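Review bot: Replacing `StrnCpy` with `memcpy(pass1,p,16)` leaves `pass1` and `pass2` without a guaranteed terminator, yet the later hunk in this file still calls `strlen(pass1)` and hands both buffers to `chgpasswd` as strings. Unless the buffers are zeroed earlier in `api_SetUserPassword` (the function starts outside this hunk), a 16-byte encrypted blob containing no zero byte makes `strlen` read past the copied data. Terminate explicitly after the copies, `pass1[16] = 0; pass2[16] = 0;`, which is valid provided the buffers are the `fstring`s that the later `bzero(pass1,sizeof(fstring))` suggests and `fstring` holds more than 16 bytes. Nothing visible here checks that 32 bytes of request data remain after `skip_string(p,1)` before they are copied.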
@@ -1545,12 +1545,34 @@ static BOOL api_SetUserPassword(int cnum,uint16 vuid, char *param,char *data,
 DEBUG(3,("Set password for <%s>\n",user));
+ /*
+ * Attempt the plaintext password change first.
+ * Older versions of Windows seem to do this.
+ */
+
 if (password_ok(user,pass1,strlen(pass1),NULL) && chgpasswd(user,pass1,pass2))
 {
 SSVAL(*rparam,0,NERR_Success);
 }
+ /*
+ * If the plaintext change failed, attempt
+ * the encrypted. NT will generate this
+ * after trying the samr method.
+ */
+
+ if(SVAL(*rparam,0) != NERR_Success)
+ {
+ struct smb_passwd *smbpw = NULL;
+
+ if(check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &smbpw) &&
+ change_lanman_password(smbpw,(unsigned char *)pass1,(unsigned char *)pass2))
+ {
+ SSVAL(*rparam,0,NERR_Success);
+ }
+ }
+
 bzero(pass1,sizeof(fstring));
 bzero(pass2,sizeof(fstring));
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index bf635fc27a..751039070f 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1637,6 +1637,13 @@ BOOL check_file_sharing(int cnum,char *fname, BOOL rename_op)
 {
 DEBUG(0,("check_file_sharing: NT redirector workaround - rename attempted on \
 batch oplocked file %s, dev = %x, inode = %x\n", fname, dev, inode));
+#if 0
+ /*
+ * This next line is a test that allows the deny-mode
+ * processing to be skipped. JRA.
+ */
+ continue;
+#endif
 }
 else
 {
-- cgit
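Review bot: The call `change_lanman_password(smbpw,(unsigned char *)pass1,(unsigned char *)pass2)` casts to `unsigned char *`, but the definition this same patch adds in chgpasswd.c takes `char *pass1, char *pass2`, so the arguments do not match the prototype. Declare it as `BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsigned char *pass2)` to agree with `check_lanman_password`, and make its local `unenc_new_pw` an `unsigned char` array as well. The fallback block would also benefit from a comment stating that the encrypted path is authorised by the stored LanMan hash alone and discards the NT hash, since that is the security-relevant consequence a maintainer needs to see at the call site.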
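Review bot: The `#if 0` block commits a disabled `continue;` whose own comment says it would skip deny-mode processing, and dead test code that bypasses a sharing check is easy to switch on by accident. Either leave it out of the commit or make the comment state the consequence, e.g. `/* TEST ONLY: enabling this skips deny-mode checks for renames of batch-oplocked files. */`. The enclosing loop in `check_file_sharing` starts and ends outside the hunk, so what `continue` would skip beyond the deny-mode code cannot be confirmed from here.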