2022-07-05 11:30:47 +03:00
/*
2002-01-30 09:08:46 +03:00
Unix SMB / CIFS implementation .
2002-08-17 20:05:44 +04:00
RPC pipe client
Copyright ( C ) Tim Potter 2000 - 2001 ,
Copyright ( C ) Andrew Tridgell 1992 - 1997 , 2000 ,
Copyright ( C ) Rafal Szczesniak 2002.
2005-09-30 21:13:37 +04:00
Copyright ( C ) Jeremy Allison 2005.
2008-02-27 21:38:48 +03:00
Copyright ( C ) Guenther Deschner 2008.
2022-07-05 11:30:47 +03:00
1998-03-12 00:11:04 +03:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
the Free Software Foundation ; either version 3 of the License , or
1998-03-12 00:11:04 +03:00
( at your option ) any later version .
2022-07-05 11:30:47 +03:00
1998-03-12 00:11:04 +03:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2022-07-05 11:30:47 +03:00
1998-03-12 00:11:04 +03:00
You should have received a copy of the GNU General Public License
2007-07-10 04:52:41 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
1998-03-12 00:11:04 +03:00
*/
# include "includes.h"
2011-04-13 16:32:16 +04:00
# include "rpc_client/rpc_client.h"
2009-03-16 13:27:58 +03:00
# include "../libcli/auth/libcli_auth.h"
2011-01-21 18:00:31 +03:00
# include "../librpc/gen_ndr/ndr_samr_c.h"
2010-05-18 20:25:50 +04:00
# include "rpc_client/cli_samr.h"
2010-08-20 01:15:22 +04:00
# include "rpc_client/init_lsa.h"
2019-01-16 14:41:32 +03:00
# include "rpc_client/init_samr.h"
2022-07-05 11:34:12 +03:00
# include "librpc/rpc/dcerpc_samr.h"
# include "lib/crypto/gnutls_helpers.h"
# include <gnutls/gnutls.h>
# include <gnutls/crypto.h>
1998-03-12 00:11:04 +03:00
2008-06-25 13:50:17 +04:00
/* User change password */
2011-01-11 15:07:02 +03:00
NTSTATUS dcerpc_samr_chgpasswd_user ( struct dcerpc_binding_handle * h ,
2008-06-25 13:50:17 +04:00
TALLOC_CTX * mem_ctx ,
struct policy_handle * user_handle ,
const char * newpassword ,
2011-01-11 15:07:02 +03:00
const char * oldpassword ,
NTSTATUS * presult )
2008-06-25 13:50:17 +04:00
{
2011-01-11 15:07:02 +03:00
NTSTATUS status ;
2019-11-20 17:28:39 +03:00
int rc ;
2008-06-25 13:50:17 +04:00
struct samr_Password hash1 , hash2 , hash3 , hash4 , hash5 , hash6 ;
2019-01-21 15:16:56 +03:00
uint8_t old_nt_hash [ 16 ] = { 0 } ;
uint8_t old_lm_hash [ 16 ] = { 0 } ;
uint8_t new_nt_hash [ 16 ] = { 0 } ;
uint8_t new_lm_hash [ 16 ] = { 0 } ;
2008-06-25 13:50:17 +04:00
DEBUG ( 10 , ( " rpccli_samr_chgpasswd_user \n " ) ) ;
E_md4hash ( oldpassword , old_nt_hash ) ;
E_md4hash ( newpassword , new_nt_hash ) ;
E_deshash ( oldpassword , old_lm_hash ) ;
E_deshash ( newpassword , new_lm_hash ) ;
2019-11-20 17:28:39 +03:00
rc = E_old_pw_hash ( new_lm_hash , old_lm_hash , hash1 . hash ) ;
if ( rc ! = 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER ) ;
goto done ;
}
rc = E_old_pw_hash ( old_lm_hash , new_lm_hash , hash2 . hash ) ;
if ( rc ! = 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER ) ;
goto done ;
}
rc = E_old_pw_hash ( new_nt_hash , old_nt_hash , hash3 . hash ) ;
if ( rc ! = 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER ) ;
goto done ;
}
rc = E_old_pw_hash ( old_nt_hash , new_nt_hash , hash4 . hash ) ;
if ( rc ! = 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER ) ;
goto done ;
}
rc = E_old_pw_hash ( old_lm_hash , new_nt_hash , hash5 . hash ) ;
if ( rc ! = 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER ) ;
goto done ;
}
rc = E_old_pw_hash ( old_nt_hash , new_lm_hash , hash6 . hash ) ;
if ( rc ! = 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER ) ;
goto done ;
}
2008-06-25 13:50:17 +04:00
2011-01-11 15:07:02 +03:00
status = dcerpc_samr_ChangePasswordUser ( h ,
mem_ctx ,
2008-06-25 13:50:17 +04:00
user_handle ,
true ,
& hash1 ,
& hash2 ,
true ,
& hash3 ,
& hash4 ,
true ,
& hash5 ,
true ,
2011-01-11 15:07:02 +03:00
& hash6 ,
presult ) ;
2008-06-25 13:50:17 +04:00
2019-11-20 17:28:39 +03:00
done :
2019-01-21 15:16:56 +03:00
ZERO_ARRAY ( old_nt_hash ) ;
ZERO_ARRAY ( old_lm_hash ) ;
ZERO_ARRAY ( new_nt_hash ) ;
ZERO_ARRAY ( new_lm_hash ) ;
2011-01-11 15:07:02 +03:00
return status ;
2008-06-25 13:50:17 +04:00
}
2011-01-11 15:07:02 +03:00
NTSTATUS rpccli_samr_chgpasswd_user ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
struct policy_handle * user_handle ,
const char * newpassword ,
const char * oldpassword )
{
NTSTATUS status ;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL ;
status = dcerpc_samr_chgpasswd_user ( cli - > binding_handle ,
mem_ctx ,
user_handle ,
newpassword ,
oldpassword ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
return result ;
}
2008-06-25 13:50:17 +04:00
2004-01-26 11:45:02 +03:00
/* User change password */
2011-01-12 10:46:28 +03:00
NTSTATUS dcerpc_samr_chgpasswd_user2 ( struct dcerpc_binding_handle * h ,
2008-06-25 12:35:59 +04:00
TALLOC_CTX * mem_ctx ,
2011-01-12 10:46:28 +03:00
const char * srv_name_slash ,
2008-06-25 12:35:59 +04:00
const char * username ,
const char * newpassword ,
2011-01-12 10:46:28 +03:00
const char * oldpassword ,
NTSTATUS * presult )
2004-01-26 11:45:02 +03:00
{
2011-01-12 10:46:28 +03:00
NTSTATUS status ;
2019-11-20 17:28:39 +03:00
int rc ;
2008-02-06 03:50:01 +03:00
struct samr_CryptPassword new_nt_password ;
struct samr_CryptPassword new_lm_password ;
struct samr_Password old_nt_hash_enc ;
struct samr_Password old_lanman_hash_enc ;
2007-10-11 00:34:30 +04:00
Fix gcc11 compiler issue "-Werror=maybe-uninitialized"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14699
../../source4/dsdb/common/util_links.c: In function ‘ndr_guid_compare’:
../../source4/dsdb/common/util_links.c:38:29: error: ‘v1_data’ may be used uninitialized [-Werror=maybe-uninitialized]
38 | struct ldb_val v1 = data_blob_const(v1_data, sizeof(v1_data));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/dsdb/common/util_links.c:22:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/dsdb/common/util_links.c:37:17: note: ‘v1_data’ declared here
37 | uint8_t v1_data[16];
| ^~~~~~~
cc1: all warnings being treated as errors
[1729/3991] Compiling source3/smbd/smbXsrv_open.c
../../libcli/auth/smbencrypt.c: In function ‘decode_wkssvc_join_password_buffer’:
../../libcli/auth/smbencrypt.c:1045:32: error: ‘_confounder’ may be used uninitialized [-Werror=maybe-uninitialized]
1045 | DATA_BLOB confounder = data_blob_const(_confounder, 8);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../libcli/auth/smbencrypt.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../libcli/auth/smbencrypt.c:1044:17: note: ‘_confounder’ declared here
1044 | uint8_t _confounder[8];
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
[2624/3991] Compiling source4/torture/rpc/samr.c
../../source3/rpc_client/cli_samr.c: In function ‘dcerpc_samr_chgpasswd_user2’:
../../source3/rpc_client/cli_samr.c:158:33: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
158 | DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
from ../../source3/include/includes.h:256,
from ../../source3/rpc_client/cli_samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source3/rpc_client/cli_samr.c:152:17: note: ‘old_nt_hash’ declared here
152 | uint8_t old_nt_hash[16];
| ^~~~~~~~~~~
../../source3/rpc_client/cli_samr.c: In function ‘dcerpc_samr_chgpasswd_user3’:
../../source3/rpc_client/cli_samr.c:365:33: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
365 | DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
from ../../source3/include/includes.h:256,
from ../../source3/rpc_client/cli_samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source3/rpc_client/cli_samr.c:358:17: note: ‘old_nt_hash’ declared here
358 | uint8_t old_nt_hash[16];
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
[3399/3991] Compiling source3/rpcclient/cmd_spotlight.c
../../source3/smbd/smbXsrv_open.c: In function ‘smbXsrv_open_set_replay_cache’:
../../source3/smbd/smbXsrv_open.c:936:26: error: ‘data’ may be used uninitialized [-Werror=maybe-uninitialized]
936 | DATA_BLOB blob = data_blob_const(data, ARRAY_SIZE(data));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
from ../../source3/include/includes.h:256,
from ../../source3/smbd/smbXsrv_open.c:21:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source3/smbd/smbXsrv_open.c:935:17: note: ‘data’ declared here
935 | uint8_t data[SMBXSRV_OPEN_REPLAY_CACHE_FIXED_SIZE];
| ^~~~
cc1: all warnings being treated as errors
../../source3/rpcclient/cmd_spotlight.c: In function ‘cmd_mdssvc_fetch_properties’:
../../source3/rpcclient/cmd_spotlight.c:60:18: error: ‘share_path’ may be used uninitialized [-Werror=maybe-uninitialized]
60 | status = dcerpc_mdssvc_open(b, mem_ctx,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
61 | &device_id,
| ~~~~~~~~~~~
62 | &unkn1,
| ~~~~~~~
63 | &unkn2,
| ~~~~~~~
64 | argv[2],
| ~~~~~~~~
65 | argv[1],
| ~~~~~~~~
66 | share_path,
| ~~~~~~~~~~~
67 | &share_handle);
| ~~~~~~~~~~~~~~
In file included from ../../source3/rpcclient/cmd_spotlight.c:24:
source3/../librpc/gen_ndr/ndr_mdssvc_c.h:26:10: note: by argument 8 of type ‘const char *’ to ‘dcerpc_mdssvc_open’ declared here
26 | NTSTATUS dcerpc_mdssvc_open(struct dcerpc_binding_handle *h,
| ^~~~~~~~~~~~~~~~~~
../../source3/rpcclient/cmd_spotlight.c:40:14: note: ‘share_path’ declared here
40 | char share_path[1025];
| ^~~~~~~~~~
cc1: all warnings being treated as errors
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser2’:
../../source4/torture/rpc/samr.c:2266:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2266 | = data_blob_const(old_nt_hash, sizeof(old_nt_hash));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2263:17: note: ‘old_nt_hash’ declared here
2263 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser2_ntstatus’:
../../source4/torture/rpc/samr.c:2371:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2371 | = data_blob_const(old_nt_hash, sizeof(old_nt_hash));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2368:17: note: ‘old_nt_hash’ declared here
2368 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser3’:
../../source4/torture/rpc/samr.c:2478:38: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2478 | DATA_BLOB old_nt_hash_blob = data_blob_const(old_nt_hash, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2473:17: note: ‘old_nt_hash’ declared here
2473 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordRandomBytes’:
../../source4/torture/rpc/samr.c:2794:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2794 | = data_blob_const(old_nt_hash,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
2795 | sizeof(old_nt_hash));
| ~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2792:17: note: ‘old_nt_hash’ declared here
2792 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2021-05-03 22:27:43 +03:00
uint8_t old_nt_hash [ 16 ] = { 0 } ;
2011-01-12 10:46:28 +03:00
uint8_t old_lanman_hash [ 16 ] ;
uint8_t new_nt_hash [ 16 ] ;
uint8_t new_lanman_hash [ 16 ] ;
2008-02-06 03:50:01 +03:00
struct lsa_String server , account ;
2007-10-11 00:34:30 +04:00
2019-01-16 14:41:32 +03:00
DATA_BLOB session_key = data_blob_const ( old_nt_hash , 16 ) ;
2008-06-25 12:35:59 +04:00
DEBUG ( 10 , ( " rpccli_samr_chgpasswd_user2 \n " ) ) ;
2004-01-26 11:45:02 +03:00
2011-01-12 10:46:28 +03:00
init_lsa_String ( & server , srv_name_slash ) ;
2008-02-06 03:50:01 +03:00
init_lsa_String ( & account , username ) ;
2004-01-26 11:45:02 +03:00
/* Calculate the MD4 hash (NT compatible) of the password */
E_md4hash ( oldpassword , old_nt_hash ) ;
E_md4hash ( newpassword , new_nt_hash ) ;
2008-02-06 03:50:01 +03:00
if ( lp_client_lanman_auth ( ) & &
E_deshash ( newpassword , new_lanman_hash ) & &
E_deshash ( oldpassword , old_lanman_hash ) ) {
2004-01-26 11:45:02 +03:00
/* E_deshash returns false for 'long' passwords (> 14
DOS chars ) . This allows us to match Win2k , which
does not store a LM hash for these passwords ( which
would reduce the effective password length to 14 ) */
2019-01-16 14:41:32 +03:00
status = init_samr_CryptPassword ( newpassword ,
& session_key ,
& new_lm_password ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2004-01-26 11:45:02 +03:00
2019-11-20 17:28:39 +03:00
rc = E_old_pw_hash ( new_nt_hash , old_lanman_hash , old_lanman_hash_enc . hash ) ;
if ( rc ! = 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER ) ;
goto done ;
}
2004-01-26 11:45:02 +03:00
} else {
ZERO_STRUCT ( new_lm_password ) ;
ZERO_STRUCT ( old_lanman_hash_enc ) ;
}
2019-01-16 14:41:32 +03:00
status = init_samr_CryptPassword ( newpassword ,
& session_key ,
& new_nt_password ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2019-11-20 17:28:39 +03:00
rc = E_old_pw_hash ( new_nt_hash , old_nt_hash , old_nt_hash_enc . hash ) ;
if ( rc ! = 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER ) ;
goto done ;
}
2007-10-11 00:34:30 +04:00
2011-01-12 10:46:28 +03:00
status = dcerpc_samr_ChangePasswordUser2 ( h ,
mem_ctx ,
2008-02-06 03:50:01 +03:00
& server ,
& account ,
& new_nt_password ,
& old_nt_hash_enc ,
true ,
& new_lm_password ,
2011-01-12 10:46:28 +03:00
& old_lanman_hash_enc ,
presult ) ;
2019-11-20 17:28:39 +03:00
done :
2019-01-16 14:41:32 +03:00
ZERO_STRUCT ( new_nt_password ) ;
ZERO_STRUCT ( new_lm_password ) ;
ZERO_STRUCT ( old_nt_hash_enc ) ;
ZERO_STRUCT ( old_lanman_hash_enc ) ;
ZERO_ARRAY ( new_nt_hash ) ;
ZERO_ARRAY ( new_lanman_hash ) ;
ZERO_ARRAY ( old_nt_hash ) ;
ZERO_ARRAY ( old_lanman_hash ) ;
2011-01-12 10:46:28 +03:00
return status ;
}
NTSTATUS rpccli_samr_chgpasswd_user2 ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
const char * username ,
const char * newpassword ,
const char * oldpassword )
{
NTSTATUS status ;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL ;
status = dcerpc_samr_chgpasswd_user2 ( cli - > binding_handle ,
mem_ctx ,
cli - > srv_name_slash ,
username ,
newpassword ,
oldpassword ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2007-10-11 00:34:30 +04:00
return result ;
2004-01-26 11:45:02 +03:00
}
2007-10-11 00:34:30 +04:00
/* User change password given blobs */
2006-07-13 13:29:25 +04:00
2011-01-12 11:04:19 +03:00
NTSTATUS dcerpc_samr_chng_pswd_auth_crap ( struct dcerpc_binding_handle * h ,
2008-02-06 03:50:01 +03:00
TALLOC_CTX * mem_ctx ,
2011-01-12 11:04:19 +03:00
const char * srv_name_slash ,
2008-02-06 03:50:01 +03:00
const char * username ,
DATA_BLOB new_nt_password_blob ,
DATA_BLOB old_nt_hash_enc_blob ,
DATA_BLOB new_lm_password_blob ,
2011-01-12 11:04:19 +03:00
DATA_BLOB old_lm_hash_enc_blob ,
NTSTATUS * presult )
2006-07-13 13:29:25 +04:00
{
2011-01-12 11:04:19 +03:00
NTSTATUS status ;
2008-02-06 03:50:01 +03:00
struct samr_CryptPassword new_nt_password ;
struct samr_CryptPassword new_lm_password ;
struct samr_Password old_nt_hash_enc ;
struct samr_Password old_lm_hash_enc ;
struct lsa_String server , account ;
2006-07-13 13:29:25 +04:00
2007-10-11 00:34:30 +04:00
DEBUG ( 10 , ( " rpccli_samr_chng_pswd_auth_crap \n " ) ) ;
2006-07-13 13:29:25 +04:00
2011-04-19 01:32:11 +04:00
ZERO_STRUCT ( new_nt_password ) ;
ZERO_STRUCT ( new_lm_password ) ;
ZERO_STRUCT ( old_nt_hash_enc ) ;
ZERO_STRUCT ( old_lm_hash_enc ) ;
2011-01-12 11:04:19 +03:00
init_lsa_String ( & server , srv_name_slash ) ;
2008-02-06 03:50:01 +03:00
init_lsa_String ( & account , username ) ;
2011-04-19 01:32:11 +04:00
if ( new_nt_password_blob . data & & new_nt_password_blob . length > = 516 ) {
2010-07-18 17:04:20 +04:00
memcpy ( & new_nt_password . data , new_nt_password_blob . data , 516 ) ;
}
2011-04-19 01:32:11 +04:00
if ( new_lm_password_blob . data & & new_lm_password_blob . length > = 516 ) {
2010-07-18 17:04:20 +04:00
memcpy ( & new_lm_password . data , new_lm_password_blob . data , 516 ) ;
}
2011-04-19 01:32:11 +04:00
if ( old_nt_hash_enc_blob . data & & old_nt_hash_enc_blob . length > = 16 ) {
2010-07-18 17:04:20 +04:00
memcpy ( & old_nt_hash_enc . hash , old_nt_hash_enc_blob . data , 16 ) ;
}
2011-04-19 01:32:11 +04:00
if ( old_lm_hash_enc_blob . data & & old_lm_hash_enc_blob . length > = 16 ) {
2010-07-18 17:04:20 +04:00
memcpy ( & old_lm_hash_enc . hash , old_lm_hash_enc_blob . data , 16 ) ;
}
2008-02-06 03:50:01 +03:00
2011-01-12 11:04:19 +03:00
status = dcerpc_samr_ChangePasswordUser2 ( h ,
mem_ctx ,
2008-02-06 03:50:01 +03:00
& server ,
& account ,
& new_nt_password ,
& old_nt_hash_enc ,
true ,
& new_lm_password ,
2011-01-12 11:04:19 +03:00
& old_lm_hash_enc ,
presult ) ;
return status ;
2006-07-13 13:29:25 +04:00
}
2011-01-12 11:04:19 +03:00
NTSTATUS rpccli_samr_chng_pswd_auth_crap ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
const char * username ,
DATA_BLOB new_nt_password_blob ,
DATA_BLOB old_nt_hash_enc_blob ,
DATA_BLOB new_lm_password_blob ,
DATA_BLOB old_lm_hash_enc_blob )
{
NTSTATUS status ;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL ;
status = dcerpc_samr_chng_pswd_auth_crap ( cli - > binding_handle ,
mem_ctx ,
cli - > srv_name_slash ,
username ,
new_nt_password_blob ,
old_nt_hash_enc_blob ,
new_lm_password_blob ,
old_lm_hash_enc_blob ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
return result ;
}
2007-10-11 00:34:30 +04:00
2005-11-30 02:23:02 +03:00
/* change password 3 */
2011-01-12 17:14:35 +03:00
NTSTATUS dcerpc_samr_chgpasswd_user3 ( struct dcerpc_binding_handle * h ,
2008-06-25 23:49:57 +04:00
TALLOC_CTX * mem_ctx ,
2011-01-12 17:14:35 +03:00
const char * srv_name_slash ,
2008-06-25 23:49:57 +04:00
const char * username ,
const char * newpassword ,
const char * oldpassword ,
struct samr_DomInfo1 * * dominfo1 ,
2011-01-12 17:14:35 +03:00
struct userPwdChangeFailureInformation * * reject ,
NTSTATUS * presult )
2005-11-30 02:23:02 +03:00
{
2008-02-05 22:14:54 +03:00
NTSTATUS status ;
2019-11-20 17:28:39 +03:00
int rc ;
2008-02-05 22:14:54 +03:00
struct samr_CryptPassword new_nt_password ;
struct samr_CryptPassword new_lm_password ;
struct samr_Password old_nt_hash_enc ;
struct samr_Password old_lanman_hash_enc ;
2005-11-30 02:23:02 +03:00
Fix gcc11 compiler issue "-Werror=maybe-uninitialized"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14699
../../source4/dsdb/common/util_links.c: In function ‘ndr_guid_compare’:
../../source4/dsdb/common/util_links.c:38:29: error: ‘v1_data’ may be used uninitialized [-Werror=maybe-uninitialized]
38 | struct ldb_val v1 = data_blob_const(v1_data, sizeof(v1_data));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/dsdb/common/util_links.c:22:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/dsdb/common/util_links.c:37:17: note: ‘v1_data’ declared here
37 | uint8_t v1_data[16];
| ^~~~~~~
cc1: all warnings being treated as errors
[1729/3991] Compiling source3/smbd/smbXsrv_open.c
../../libcli/auth/smbencrypt.c: In function ‘decode_wkssvc_join_password_buffer’:
../../libcli/auth/smbencrypt.c:1045:32: error: ‘_confounder’ may be used uninitialized [-Werror=maybe-uninitialized]
1045 | DATA_BLOB confounder = data_blob_const(_confounder, 8);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../libcli/auth/smbencrypt.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../libcli/auth/smbencrypt.c:1044:17: note: ‘_confounder’ declared here
1044 | uint8_t _confounder[8];
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
[2624/3991] Compiling source4/torture/rpc/samr.c
../../source3/rpc_client/cli_samr.c: In function ‘dcerpc_samr_chgpasswd_user2’:
../../source3/rpc_client/cli_samr.c:158:33: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
158 | DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
from ../../source3/include/includes.h:256,
from ../../source3/rpc_client/cli_samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source3/rpc_client/cli_samr.c:152:17: note: ‘old_nt_hash’ declared here
152 | uint8_t old_nt_hash[16];
| ^~~~~~~~~~~
../../source3/rpc_client/cli_samr.c: In function ‘dcerpc_samr_chgpasswd_user3’:
../../source3/rpc_client/cli_samr.c:365:33: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
365 | DATA_BLOB session_key = data_blob_const(old_nt_hash, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
from ../../source3/include/includes.h:256,
from ../../source3/rpc_client/cli_samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source3/rpc_client/cli_samr.c:358:17: note: ‘old_nt_hash’ declared here
358 | uint8_t old_nt_hash[16];
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
[3399/3991] Compiling source3/rpcclient/cmd_spotlight.c
../../source3/smbd/smbXsrv_open.c: In function ‘smbXsrv_open_set_replay_cache’:
../../source3/smbd/smbXsrv_open.c:936:26: error: ‘data’ may be used uninitialized [-Werror=maybe-uninitialized]
936 | DATA_BLOB blob = data_blob_const(data, ARRAY_SIZE(data));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source3/../lib/util/samba_util.h:48,
from ../../source3/include/includes.h:256,
from ../../source3/smbd/smbXsrv_open.c:21:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source3/smbd/smbXsrv_open.c:935:17: note: ‘data’ declared here
935 | uint8_t data[SMBXSRV_OPEN_REPLAY_CACHE_FIXED_SIZE];
| ^~~~
cc1: all warnings being treated as errors
../../source3/rpcclient/cmd_spotlight.c: In function ‘cmd_mdssvc_fetch_properties’:
../../source3/rpcclient/cmd_spotlight.c:60:18: error: ‘share_path’ may be used uninitialized [-Werror=maybe-uninitialized]
60 | status = dcerpc_mdssvc_open(b, mem_ctx,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
61 | &device_id,
| ~~~~~~~~~~~
62 | &unkn1,
| ~~~~~~~
63 | &unkn2,
| ~~~~~~~
64 | argv[2],
| ~~~~~~~~
65 | argv[1],
| ~~~~~~~~
66 | share_path,
| ~~~~~~~~~~~
67 | &share_handle);
| ~~~~~~~~~~~~~~
In file included from ../../source3/rpcclient/cmd_spotlight.c:24:
source3/../librpc/gen_ndr/ndr_mdssvc_c.h:26:10: note: by argument 8 of type ‘const char *’ to ‘dcerpc_mdssvc_open’ declared here
26 | NTSTATUS dcerpc_mdssvc_open(struct dcerpc_binding_handle *h,
| ^~~~~~~~~~~~~~~~~~
../../source3/rpcclient/cmd_spotlight.c:40:14: note: ‘share_path’ declared here
40 | char share_path[1025];
| ^~~~~~~~~~
cc1: all warnings being treated as errors
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser2’:
../../source4/torture/rpc/samr.c:2266:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2266 | = data_blob_const(old_nt_hash, sizeof(old_nt_hash));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2263:17: note: ‘old_nt_hash’ declared here
2263 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser2_ntstatus’:
../../source4/torture/rpc/samr.c:2371:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2371 | = data_blob_const(old_nt_hash, sizeof(old_nt_hash));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2368:17: note: ‘old_nt_hash’ declared here
2368 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordUser3’:
../../source4/torture/rpc/samr.c:2478:38: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2478 | DATA_BLOB old_nt_hash_blob = data_blob_const(old_nt_hash, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2473:17: note: ‘old_nt_hash’ declared here
2473 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
../../source4/torture/rpc/samr.c: In function ‘test_ChangePasswordRandomBytes’:
../../source4/torture/rpc/samr.c:2794:19: error: ‘old_nt_hash’ may be used uninitialized [-Werror=maybe-uninitialized]
2794 | = data_blob_const(old_nt_hash,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
2795 | sizeof(old_nt_hash));
| ~~~~~~~~~~~~~~~~~~~~
In file included from ../../source4/../lib/util/samba_util.h:48,
from ../../source4/include/includes.h:62,
from ../../source4/torture/rpc/samr.c:24:
../../lib/util/data_blob.h:116:20: note: by argument 1 of type ‘const void *’ to ‘data_blob_const’ declared here
116 | _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length);
| ^~~~~~~~~~~~~~~
../../source4/torture/rpc/samr.c:2792:17: note: ‘old_nt_hash’ declared here
2792 | uint8_t old_nt_hash[16], new_nt_hash[16];
| ^~~~~~~~~~~
cc1: all warnings being treated as errors
Guenther
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2021-05-03 22:27:43 +03:00
uint8_t old_nt_hash [ 16 ] = { 0 } ;
2011-01-12 17:14:35 +03:00
uint8_t old_lanman_hash [ 16 ] ;
uint8_t new_nt_hash [ 16 ] ;
uint8_t new_lanman_hash [ 16 ] ;
2005-11-30 02:23:02 +03:00
2008-02-05 22:14:54 +03:00
struct lsa_String server , account ;
2005-11-30 02:23:02 +03:00
2019-01-16 14:41:32 +03:00
DATA_BLOB session_key = data_blob_const ( old_nt_hash , 16 ) ;
2008-06-25 23:49:57 +04:00
DEBUG ( 10 , ( " rpccli_samr_chgpasswd_user3 \n " ) ) ;
2005-11-30 02:23:02 +03:00
2011-01-12 17:14:35 +03:00
init_lsa_String ( & server , srv_name_slash ) ;
2008-02-05 22:14:54 +03:00
init_lsa_String ( & account , username ) ;
2005-11-30 02:23:02 +03:00
/* Calculate the MD4 hash (NT compatible) of the password */
E_md4hash ( oldpassword , old_nt_hash ) ;
E_md4hash ( newpassword , new_nt_hash ) ;
2008-02-05 22:14:54 +03:00
if ( lp_client_lanman_auth ( ) & &
E_deshash ( newpassword , new_lanman_hash ) & &
E_deshash ( oldpassword , old_lanman_hash ) ) {
2005-11-30 02:23:02 +03:00
/* E_deshash returns false for 'long' passwords (> 14
DOS chars ) . This allows us to match Win2k , which
does not store a LM hash for these passwords ( which
would reduce the effective password length to 14 ) */
2019-01-16 14:41:32 +03:00
status = init_samr_CryptPassword ( newpassword ,
& session_key ,
& new_lm_password ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2005-11-30 02:23:02 +03:00
2019-11-20 17:28:39 +03:00
rc = E_old_pw_hash ( new_nt_hash , old_lanman_hash , old_lanman_hash_enc . hash ) ;
if ( rc ! = 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER ) ;
goto done ;
}
2005-11-30 02:23:02 +03:00
} else {
ZERO_STRUCT ( new_lm_password ) ;
ZERO_STRUCT ( old_lanman_hash_enc ) ;
}
2019-01-16 14:41:32 +03:00
status = init_samr_CryptPassword ( newpassword ,
& session_key ,
& new_nt_password ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2008-02-05 22:14:54 +03:00
2019-11-20 17:28:39 +03:00
rc = E_old_pw_hash ( new_nt_hash , old_nt_hash , old_nt_hash_enc . hash ) ;
if ( rc ! = 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_ACCESS_DISABLED_BY_POLICY_OTHER ) ;
goto done ;
}
2008-02-05 22:14:54 +03:00
2011-01-12 17:14:35 +03:00
status = dcerpc_samr_ChangePasswordUser3 ( h ,
mem_ctx ,
2008-02-05 22:14:54 +03:00
& server ,
& account ,
& new_nt_password ,
& old_nt_hash_enc ,
true ,
& new_lm_password ,
& old_lanman_hash_enc ,
NULL ,
dominfo1 ,
2011-01-12 17:14:35 +03:00
reject ,
presult ) ;
2019-11-20 17:28:39 +03:00
done :
2019-01-16 14:41:32 +03:00
ZERO_STRUCT ( new_nt_password ) ;
ZERO_STRUCT ( new_lm_password ) ;
ZERO_STRUCT ( old_nt_hash_enc ) ;
ZERO_STRUCT ( old_lanman_hash_enc ) ;
ZERO_ARRAY ( new_nt_hash ) ;
ZERO_ARRAY ( new_lanman_hash ) ;
ZERO_ARRAY ( old_nt_hash ) ;
ZERO_ARRAY ( old_lanman_hash ) ;
2008-02-05 22:14:54 +03:00
return status ;
2005-11-30 02:23:02 +03:00
}
2011-01-12 17:14:35 +03:00
NTSTATUS rpccli_samr_chgpasswd_user3 ( struct rpc_pipe_client * cli ,
TALLOC_CTX * mem_ctx ,
const char * username ,
const char * newpassword ,
const char * oldpassword ,
struct samr_DomInfo1 * * dominfo1 ,
struct userPwdChangeFailureInformation * * reject )
{
NTSTATUS status ;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL ;
status = dcerpc_samr_chgpasswd_user3 ( cli - > binding_handle ,
mem_ctx ,
cli - > srv_name_slash ,
username ,
newpassword ,
oldpassword ,
dominfo1 ,
reject ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
return result ;
}
2022-07-05 11:34:12 +03:00
NTSTATUS dcerpc_samr_chgpasswd_user4 ( struct dcerpc_binding_handle * h ,
TALLOC_CTX * mem_ctx ,
const char * srv_name_slash ,
const char * username ,
const char * oldpassword ,
const char * newpassword ,
NTSTATUS * presult )
{
struct lsa_String server , user_account ;
uint8_t old_nt_key_data [ 16 ] = { 0 } ;
gnutls_datum_t old_nt_key = {
. data = old_nt_key_data ,
. size = sizeof ( old_nt_key ) ,
} ;
struct samr_EncryptedPasswordAES pwd_buf = {
. cipher_len = 0 ,
} ;
DATA_BLOB iv = {
. data = pwd_buf . salt ,
. length = sizeof ( pwd_buf . salt ) ,
} ;
gnutls_datum_t iv_datum = {
. data = iv . data ,
. size = iv . length ,
} ;
uint8_t cek_data [ 16 ] = { 0 } ;
DATA_BLOB cek = {
. data = cek_data ,
. length = sizeof ( cek_data ) ,
} ;
uint64_t pbkdf2_iterations = 0 ;
uint8_t pw_data [ 514 ] = { 0 } ;
DATA_BLOB plaintext = {
. data = pw_data ,
. length = sizeof ( pw_data ) ,
} ;
DATA_BLOB ciphertext = data_blob_null ;
NTSTATUS status ;
bool ok ;
int rc ;
generate_nonce_buffer ( iv . data , iv . length ) ;
/* Calculate the MD4 hash (NT compatible) of the password */
E_md4hash ( oldpassword , old_nt_key_data ) ;
init_lsa_String ( & server , srv_name_slash ) ;
init_lsa_String ( & user_account , username ) ;
pbkdf2_iterations = generate_random_u64_range ( 5000 , 1000000 ) ;
rc = gnutls_pbkdf2 ( GNUTLS_MAC_SHA512 ,
& old_nt_key ,
& iv_datum ,
pbkdf2_iterations ,
cek . data ,
cek . length ) ;
BURN_DATA ( old_nt_key_data ) ;
if ( rc < 0 ) {
status = gnutls_error_to_ntstatus ( rc , NT_STATUS_WRONG_PASSWORD ) ;
return status ;
}
ok = encode_pwd_buffer514_from_str ( pw_data , newpassword , STR_UNICODE ) ;
if ( ! ok ) {
return NT_STATUS_INTERNAL_ERROR ;
}
status = samba_gnutls_aead_aes_256_cbc_hmac_sha512_encrypt (
mem_ctx ,
& plaintext ,
& cek ,
& samr_aes256_enc_key_salt ,
& samr_aes256_mac_key_salt ,
& iv ,
& ciphertext ,
pwd_buf . auth_data ) ;
BURN_DATA ( pw_data ) ;
BURN_DATA ( cek_data ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
pwd_buf . cipher_len = ciphertext . length ;
pwd_buf . cipher = ciphertext . data ;
pwd_buf . PBKDF2Iterations = pbkdf2_iterations ;
status = dcerpc_samr_ChangePasswordUser4 ( h ,
mem_ctx ,
& server ,
& user_account ,
& pwd_buf ,
presult ) ;
data_blob_free ( & ciphertext ) ;
return status ;
}
2023-07-17 15:59:06 +03:00
/* This function returns the bizarre set of (max_entries, max_size) required
2003-01-29 23:15:35 +03:00
for the QueryDisplayInfo RPC to actually work against a domain controller
2022-07-05 11:30:47 +03:00
with large ( 10 k and higher ) numbers of users . These values were
2003-01-29 23:15:35 +03:00
obtained by inspection using ethereal and NT4 running User Manager . */
2011-01-12 17:36:19 +03:00
void dcerpc_get_query_dispinfo_params ( int loop_count ,
uint32_t * max_entries ,
uint32_t * max_size )
2003-01-29 23:15:35 +03:00
{
switch ( loop_count ) {
case 0 :
* max_entries = 512 ;
* max_size = 16383 ;
break ;
case 1 :
* max_entries = 1024 ;
* max_size = 32766 ;
break ;
case 2 :
* max_entries = 2048 ;
* max_size = 65532 ;
break ;
case 3 :
* max_entries = 4096 ;
* max_size = 131064 ;
break ;
default : /* loop_count >= 4 */
* max_entries = 4096 ;
* max_size = 131071 ;
break ;
}
2006-09-18 23:18:29 +04:00
}
2008-04-04 03:40:29 +04:00
2011-01-12 17:51:49 +03:00
NTSTATUS dcerpc_try_samr_connects ( struct dcerpc_binding_handle * h ,
2008-04-04 03:40:29 +04:00
TALLOC_CTX * mem_ctx ,
2011-01-12 17:51:49 +03:00
const char * srv_name_slash ,
2008-04-04 03:40:29 +04:00
uint32_t access_mask ,
2011-01-12 17:51:49 +03:00
struct policy_handle * connect_pol ,
NTSTATUS * presult )
2008-04-04 03:40:29 +04:00
{
NTSTATUS status ;
union samr_ConnectInfo info_in , info_out ;
struct samr_ConnectInfo1 info1 ;
uint32_t lvl_out = 0 ;
ZERO_STRUCT ( info1 ) ;
info1 . client_version = SAMR_CONNECT_W2K ;
info_in . info1 = info1 ;
2011-01-12 17:51:49 +03:00
status = dcerpc_samr_Connect5 ( h ,
mem_ctx ,
srv_name_slash ,
2008-04-04 03:40:29 +04:00
access_mask ,
1 ,
& info_in ,
& lvl_out ,
& info_out ,
2011-01-12 17:51:49 +03:00
connect_pol ,
presult ) ;
2011-01-21 18:02:18 +03:00
if ( NT_STATUS_IS_OK ( status ) & & NT_STATUS_IS_OK ( * presult ) ) {
2008-04-04 03:40:29 +04:00
return status ;
}
2011-01-12 17:51:49 +03:00
status = dcerpc_samr_Connect4 ( h ,
mem_ctx ,
srv_name_slash ,
2008-04-04 03:40:29 +04:00
SAMR_CONNECT_W2K ,
access_mask ,
2011-01-12 17:51:49 +03:00
connect_pol ,
presult ) ;
2011-01-21 18:02:18 +03:00
if ( NT_STATUS_IS_OK ( status ) & & NT_STATUS_IS_OK ( * presult ) ) {
2008-04-04 03:40:29 +04:00
return status ;
}
2011-01-12 17:51:49 +03:00
status = dcerpc_samr_Connect2 ( h ,
mem_ctx ,
srv_name_slash ,
2008-04-04 03:40:29 +04:00
access_mask ,
2011-01-12 17:51:49 +03:00
connect_pol ,
presult ) ;
2008-04-04 03:40:29 +04:00
return status ;
}
2011-01-12 17:51:49 +03:00
/* vim: set ts=8 sw=8 noet cindent: */
