From 9eb6afb00d85c1a7b367d51a19eed41172f7a2e9 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 4 Jun 2004 11:58:46 +0000 Subject: r1009: Make all users of NT and LM passwords use the samr_Password structure. This includes the netlogon pipe, for the machine account password change system. Andrew Bartlett (This used to be commit 49d545a82057ee8b60d50aa55e908efe59875150) --- source4/rpc_server/netlogon/dcerpc_netlogon.c | 5 +-- source4/rpc_server/samr/samdb.c | 36 ++++++++++---------- source4/rpc_server/samr/samr_password.c | 49 ++++++++++++++++----------- 3 files changed, 49 insertions(+), 41 deletions(-) (limited to 'source4/rpc_server') diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 5f4717a5c6..f662e45246 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -332,7 +332,6 @@ static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLO struct ldb_message **msgs; struct ldb_message **msgs_domain; NTSTATUS nt_status; - struct samr_Hash newNtHash; struct ldb_message mod, *msg_set_pw = &mod; const char *domain_dn; const char *domain_sid; @@ -410,15 +409,13 @@ static NTSTATUS netr_ServerPasswordSet(struct dcesrv_call_state *dce_call, TALLO creds_des_decrypt(pipe_state->creds, &r->in.new_password); - memcpy(newNtHash.hash, r->in.new_password.data, sizeof(newNtHash.hash)); - /* set the password - samdb needs to know both the domain and user DNs, so the domain password policy can be used */ nt_status = samdb_set_password(sam_ctx, mem_ctx, msgs[0]->dn, domain_dn, msg_set_pw, NULL, /* Don't have plaintext */ - NULL, &newNtHash, + NULL, &r->in.new_password, False /* This is not considered a password change */, NULL); diff --git a/source4/rpc_server/samr/samdb.c b/source4/rpc_server/samr/samdb.c index 37063b551d..e6862eb8f9 100644 --- a/source4/rpc_server/samr/samdb.c +++ b/source4/rpc_server/samr/samdb.c @@ -482,11 +482,11 @@ NTTIME samdb_result_force_pwd_change(void *ctx, TALLOC_CTX *mem_ctx, } /* - pull a samr_Hash structutre from a result set. + pull a samr_Password structutre from a result set. */ -struct samr_Hash samdb_result_hash(struct ldb_message *msg, const char *attr) +struct samr_Password samdb_result_hash(struct ldb_message *msg, const char *attr) { - struct samr_Hash hash; + struct samr_Password hash; const struct ldb_val *val = ldb_msg_find_ldb_val(msg, attr); ZERO_STRUCT(hash); if (val) { @@ -496,10 +496,10 @@ struct samr_Hash samdb_result_hash(struct ldb_message *msg, const char *attr) } /* - pull an array of samr_Hash structutres from a result set. + pull an array of samr_Password structutres from a result set. */ uint_t samdb_result_hashes(TALLOC_CTX *mem_ctx, struct ldb_message *msg, - const char *attr, struct samr_Hash **hashes) + const char *attr, struct samr_Password **hashes) { uint_t count = 0; const struct ldb_val *val = ldb_msg_find_ldb_val(msg, attr); @@ -514,7 +514,7 @@ uint_t samdb_result_hashes(TALLOC_CTX *mem_ctx, struct ldb_message *msg, return 0; } - *hashes = talloc_array_p(mem_ctx, struct samr_Hash, count); + *hashes = talloc_array_p(mem_ctx, struct samr_Password, count); if (! *hashes) { return 0; } @@ -527,27 +527,27 @@ uint_t samdb_result_hashes(TALLOC_CTX *mem_ctx, struct ldb_message *msg, } NTSTATUS samdb_result_passwords(TALLOC_CTX *mem_ctx, struct ldb_message *msg, - uint8_t **lm_pwd, uint8_t **nt_pwd) + struct samr_Password **lm_pwd, struct samr_Password **nt_pwd) { const char *unicodePwd = samdb_result_string(msg, "unicodePwd", NULL); - struct samr_Hash *lmPwdHash, *ntPwdHash; + struct samr_Password *lmPwdHash, *ntPwdHash; if (unicodePwd) { if (nt_pwd) { - ntPwdHash = talloc_p(mem_ctx, struct samr_Hash); + ntPwdHash = talloc_p(mem_ctx, struct samr_Password); if (!ntPwdHash) { return NT_STATUS_NO_MEMORY; } E_md4hash(unicodePwd, ntPwdHash->hash); - *nt_pwd = ntPwdHash->hash; + *nt_pwd = ntPwdHash; } if (lm_pwd) { BOOL lm_hash_ok; - lmPwdHash = talloc_p(mem_ctx, struct samr_Hash); + lmPwdHash = talloc_p(mem_ctx, struct samr_Password); if (!lmPwdHash) { return NT_STATUS_NO_MEMORY; } @@ -556,7 +556,7 @@ NTSTATUS samdb_result_passwords(TALLOC_CTX *mem_ctx, struct ldb_message *msg, lm_hash_ok = E_deshash(unicodePwd, lmPwdHash->hash); if (lm_hash_ok) { - *lm_pwd = lmPwdHash->hash; + *lm_pwd = lmPwdHash; } else { *lm_pwd = NULL; } @@ -570,7 +570,7 @@ NTSTATUS samdb_result_passwords(TALLOC_CTX *mem_ctx, struct ldb_message *msg, } else if (num_nt > 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } else { - *nt_pwd = ntPwdHash[0].hash; + *nt_pwd = &ntPwdHash[0]; } } if (lm_pwd) { @@ -581,7 +581,7 @@ NTSTATUS samdb_result_passwords(TALLOC_CTX *mem_ctx, struct ldb_message *msg, } else if (num_lm > 1) { return NT_STATUS_INTERNAL_DB_CORRUPTION; } else { - *lm_pwd = lmPwdHash[0].hash; + *lm_pwd = &lmPwdHash[0]; } } @@ -824,10 +824,10 @@ int samdb_msg_add_uint64(void *ctx, TALLOC_CTX *mem_ctx, struct ldb_message *msg } /* - add a samr_Hash element to a message + add a samr_Password element to a message */ int samdb_msg_add_hash(void *ctx, TALLOC_CTX *mem_ctx, struct ldb_message *msg, - const char *attr_name, struct samr_Hash hash) + const char *attr_name, struct samr_Password hash) { struct samdb_context *sam_ctx = ctx; struct ldb_val val; @@ -842,10 +842,10 @@ int samdb_msg_add_hash(void *ctx, TALLOC_CTX *mem_ctx, struct ldb_message *msg, } /* - add a samr_Hash array to a message + add a samr_Password array to a message */ int samdb_msg_add_hashes(void *ctx, TALLOC_CTX *mem_ctx, struct ldb_message *msg, - const char *attr_name, struct samr_Hash *hashes, uint_t count) + const char *attr_name, struct samr_Password *hashes, uint_t count) { struct samdb_context *sam_ctx = ctx; struct ldb_val val; diff --git a/source4/rpc_server/samr/samr_password.c b/source4/rpc_server/samr/samr_password.c index 228b8b53c0..b1dc4a7f6b 100644 --- a/source4/rpc_server/samr/samr_password.c +++ b/source4/rpc_server/samr/samr_password.c @@ -34,8 +34,8 @@ NTSTATUS samr_ChangePasswordUser(struct dcesrv_call_state *dce_call, TALLOC_CTX struct samr_account_state *a_state; struct ldb_message **res, mod, *msg; int ret; - struct samr_Hash new_lmPwdHash, new_ntPwdHash, checkHash; - uint8 *lm_pwd, *nt_pwd; + struct samr_Password new_lmPwdHash, new_ntPwdHash, checkHash; + struct samr_Password *lm_pwd, *nt_pwd; NTSTATUS status = NT_STATUS_OK; const char * const attrs[] = { "lmPwdHash", "ntPwdHash" , "unicodePwd", NULL }; @@ -72,27 +72,27 @@ NTSTATUS samr_ChangePasswordUser(struct dcesrv_call_state *dce_call, TALLOC_CTX } /* decrypt and check the new lm hash */ - D_P16(lm_pwd, r->in.new_lm_crypted->hash, new_lmPwdHash.hash); + D_P16(lm_pwd->hash, r->in.new_lm_crypted->hash, new_lmPwdHash.hash); D_P16(new_lmPwdHash.hash, r->in.old_lm_crypted->hash, checkHash.hash); if (memcmp(checkHash.hash, lm_pwd, 16) != 0) { return NT_STATUS_WRONG_PASSWORD; } /* decrypt and check the new nt hash */ - D_P16(nt_pwd, r->in.new_nt_crypted->hash, new_ntPwdHash.hash); + D_P16(nt_pwd->hash, r->in.new_nt_crypted->hash, new_ntPwdHash.hash); D_P16(new_ntPwdHash.hash, r->in.old_nt_crypted->hash, checkHash.hash); if (memcmp(checkHash.hash, nt_pwd, 16) != 0) { return NT_STATUS_WRONG_PASSWORD; } /* check the nt cross hash */ - D_P16(lm_pwd, r->in.nt_cross->hash, checkHash.hash); + D_P16(lm_pwd->hash, r->in.nt_cross->hash, checkHash.hash); if (memcmp(checkHash.hash, new_ntPwdHash.hash, 16) != 0) { return NT_STATUS_WRONG_PASSWORD; } /* check the lm cross hash */ - D_P16(nt_pwd, r->in.lm_cross->hash, checkHash.hash); + D_P16(nt_pwd->hash, r->in.lm_cross->hash, checkHash.hash); if (memcmp(checkHash.hash, new_lmPwdHash.hash, 16) != 0) { return NT_STATUS_WRONG_PASSWORD; } @@ -136,7 +136,8 @@ NTSTATUS samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call, TALLOC_ struct ldb_message **res, mod; const char * const attrs[] = { "objectSid", "lmPwdHash", "unicodePwd", NULL }; const char *domain_sid; - uint8 *lm_pwd; + struct samr_Password *lm_pwd; + DATA_BLOB lm_pwd_blob; if (pwbuf == NULL) { return NT_STATUS_WRONG_PASSWORD; @@ -169,8 +170,10 @@ NTSTATUS samr_OemChangePasswordUser2(struct dcesrv_call_state *dce_call, TALLOC_ } /* decrypt the password we have been given */ - arcfour_crypt(pwbuf->data, lm_pwd, 516); - + lm_pwd_blob = data_blob(lm_pwd->hash, sizeof(lm_pwd->hash)); + arcfour_crypt_blob(pwbuf->data, 516, &lm_pwd_blob); + data_blob_free(&lm_pwd_blob); + if (!decode_pw_buffer(pwbuf->data, new_pass, sizeof(new_pass), &new_pass_len, STR_ASCII)) { DEBUG(3,("samr: failed to decode password buffer\n")); @@ -243,7 +246,8 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call, "pwdProperties", "minPwdAge", "maxPwdAge", NULL }; const char *domain_sid; - uint8 *nt_pwd; + struct samr_Password *nt_pwd; + DATA_BLOB nt_pwd_blob; struct samr_DomInfo1 *dominfo; struct samr_ChangeReject *reject; uint32_t reason = 0; @@ -279,12 +283,19 @@ NTSTATUS samr_ChangePasswordUser3(struct dcesrv_call_state *dce_call, user_dn = res[0]->dn; status = samdb_result_passwords(mem_ctx, res[0], NULL, &nt_pwd); - if (!NT_STATUS_IS_OK(status)) { + if (!NT_STATUS_IS_OK(status) ) { + goto failed; + } + + if (!nt_pwd) { + status = NT_STATUS_WRONG_PASSWORD; goto failed; } /* decrypt the password we have been given */ - arcfour_crypt(r->in.nt_password->data, nt_pwd, 516); + nt_pwd_blob = data_blob(nt_pwd->hash, sizeof(nt_pwd->hash)); + arcfour_crypt_blob(r->in.nt_password->data, 516, &nt_pwd_blob); + data_blob_free(&nt_pwd_blob); if (!decode_pw_buffer(r->in.nt_password->data, new_pass, sizeof(new_pass), &new_pass_len, STR_UNICODE)) { @@ -425,8 +436,8 @@ NTSTATUS samdb_set_password(void *ctx, TALLOC_CTX *mem_ctx, const char *user_dn, const char *domain_dn, struct ldb_message *mod, const char *new_pass, - struct samr_Hash *lmNewHash, - struct samr_Hash *ntNewHash, + struct samr_Password *lmNewHash, + struct samr_Password *ntNewHash, BOOL user_change, uint32_t *reject_reason) { @@ -442,9 +453,9 @@ NTSTATUS samdb_set_password(void *ctx, TALLOC_CTX *mem_ctx, int64_t minPwdAge; uint_t minPwdLength, pwdProperties, pwdHistoryLength; uint_t userAccountControl, badPwdCount; - struct samr_Hash *lmPwdHistory, *ntPwdHistory, lmPwdHash, ntPwdHash; - struct samr_Hash *new_lmPwdHistory, *new_ntPwdHistory; - struct samr_Hash local_lmNewHash, local_ntNewHash; + struct samr_Password *lmPwdHistory, *ntPwdHistory, lmPwdHash, ntPwdHash; + struct samr_Password *new_lmPwdHistory, *new_ntPwdHistory; + struct samr_Password local_lmNewHash, local_ntNewHash; int lmPwdHistory_len, ntPwdHistory_len; struct ldb_message **res; int count; @@ -623,12 +634,12 @@ NTSTATUS samdb_set_password(void *ctx, TALLOC_CTX *mem_ctx, } /* store the password history */ - new_lmPwdHistory = talloc_array_p(mem_ctx, struct samr_Hash, + new_lmPwdHistory = talloc_array_p(mem_ctx, struct samr_Password, pwdHistoryLength); if (!new_lmPwdHistory) { return NT_STATUS_NO_MEMORY; } - new_ntPwdHistory = talloc_array_p(mem_ctx, struct samr_Hash, + new_ntPwdHistory = talloc_array_p(mem_ctx, struct samr_Password, pwdHistoryLength); if (!new_ntPwdHistory) { return NT_STATUS_NO_MEMORY; -- cgit