1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

fixed issues with "Welcome to SAMBA Domain" for when admin user/pass is

used to add workstation to domain.  unix account db not modified: only
SAM password db is used.
This commit is contained in:
Luke Leighton 0001-01-01 00:00:00 +00:00
parent 29581f8486
commit 129a9a4d4b
5 changed files with 174 additions and 12 deletions

View File

@ -753,7 +753,7 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val);
void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24);
void E_md4hash(uchar *passwd, uchar *p16);
void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16]);
void nt_lm_owf_gen(const char *pwd, uchar nt_p16[16], uchar p16[16]);
void SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]);
void NTLMSSPOWFencrypt(uchar passwd[8], uchar *ntlmchalresp, uchar p24[24]);
void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24);
@ -1516,6 +1516,7 @@ struct sam_passwd *getsam21pwntnam(const char *name);
struct sam_passwd *getsam21pwrid(uint32 rid);
void pwdb_init_sam(struct sam_passwd *user);
struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user);
void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from);
struct smb_passwd *pwdb_sam_to_smb(struct sam_passwd *user);
struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user);
struct sam_passwd *pwdb_sam_map_names(struct sam_passwd *sam);

View File

@ -106,7 +106,7 @@ void E_md4hash(uchar *passwd, uchar *p16)
}
/* Does both the NT and LM owfs of a user's password */
void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16])
void nt_lm_owf_gen(const char *pwd, uchar nt_p16[16], uchar p16[16])
{
char passwd[130];

View File

@ -134,6 +134,9 @@ struct sam_passwd *getsam21pwent(void *vp)
BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override)
{
DEBUG(10,("mod_sam21pwd_entry: unix user %s rid %d\n",
pwd->unix_name, pwd->user_rid));
return pwdb_ops->mod_sam21pwd_entry(pwdb_sam_map_names(pwd), override);
}
@ -339,6 +342,150 @@ struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user)
return &disp_info;
}
/*************************************************************
copies a sam passwd.
**************************************************************/
void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from)
{
static fstring nt_name;
static fstring unix_name;
static fstring full_name;
static fstring home_dir;
static fstring dir_drive;
static fstring logon_script;
static fstring profile_path;
static fstring acct_desc;
static fstring workstations;
static fstring unknown_str;
static fstring munged_dial;
if (from == NULL || to == NULL) return;
memcpy(to, from, sizeof(*from));
if (from->nt_name != NULL)
{
fstrcpy(nt_name , from->nt_name);
to->nt_name = nt_name;
}
else if (to->nt_name != NULL)
{
fstrcpy(nt_name , to->nt_name);
to->nt_name = nt_name;
}
if (from->unix_name != NULL)
{
fstrcpy(unix_name, from->unix_name);
to->unix_name = unix_name;
}
else if (to->unix_name != NULL)
{
fstrcpy(unix_name, to->unix_name);
to->unix_name = unix_name;
}
if (from->full_name != NULL)
{
fstrcpy(full_name, from->full_name);
to->full_name = full_name;
}
else if (to->full_name != NULL)
{
fstrcpy(full_name, to->full_name);
to->full_name = full_name;
}
if (from->home_dir != NULL)
{
fstrcpy(home_dir , from->home_dir);
to->home_dir = home_dir;
}
else if (to->home_dir != NULL)
{
fstrcpy(home_dir , to->home_dir);
to->home_dir = home_dir;
}
if (from->dir_drive != NULL)
{
fstrcpy(dir_drive , from->dir_drive);
to->dir_drive = dir_drive;
}
else if (to->dir_drive != NULL)
{
fstrcpy(dir_drive , to->dir_drive);
to->dir_drive = dir_drive;
}
if (from->logon_script != NULL)
{
fstrcpy(logon_script , from->logon_script);
to->logon_script = logon_script;
}
else if (to->logon_script != NULL)
{
fstrcpy(logon_script , to->logon_script);
to->logon_script = logon_script;
}
if (from->profile_path != NULL)
{
fstrcpy(profile_path , from->profile_path);
to->profile_path = profile_path;
}
else if (to->profile_path != NULL)
{
fstrcpy(profile_path , to->profile_path);
to->profile_path = profile_path;
}
if (from->acct_desc != NULL)
{
fstrcpy(acct_desc , from->acct_desc);
to->acct_desc = acct_desc;
}
else if (to->acct_desc != NULL)
{
fstrcpy(acct_desc , to->acct_desc);
to->acct_desc = acct_desc;
}
if (from->workstations != NULL)
{
fstrcpy(workstations , from->workstations);
to->workstations = workstations;
}
else if (to->workstations != NULL)
{
fstrcpy(workstations , to->workstations);
to->workstations = workstations;
}
if (from->unknown_str != NULL)
{
fstrcpy(unknown_str , from->unknown_str);
to->unknown_str = unknown_str;
}
else if (to->unknown_str != NULL)
{
fstrcpy(unknown_str , to->unknown_str);
to->unknown_str = unknown_str;
}
if (from->munged_dial != NULL)
{
fstrcpy(munged_dial , from->munged_dial);
to->munged_dial = munged_dial;
}
else if (to->munged_dial != NULL)
{
fstrcpy(munged_dial , to->munged_dial);
to->munged_dial = munged_dial;
}
}
/*************************************************************
converts a sam_passwd structure to a smb_passwd structure.
**************************************************************/

View File

@ -80,7 +80,7 @@ BOOL local_password_change(char *user_name,
*err_str = '\0';
*msg_str = '\0';
pwd = getpwnam(user_name);
pwd = Get_Pwnam(user_name, False);
/*
* Check for a trust account.

View File

@ -1948,20 +1948,35 @@ static void samr_reply_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u,
********************************************************************/
static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid)
{
static struct sam_passwd *pwd;
fstring new_pw;
struct sam_passwd *pwd = getsam21pwrid(rid);
struct sam_passwd new_pwd;
static uchar nt_hash[16];
static uchar lm_hash[16];
pstring new_pw;
if (pwd == NULL)
{
return False;
}
pwdb_init_sam(&new_pwd);
copy_sam_passwd(&new_pwd, pwd);
if (!decode_pw_buffer(id24->pass, new_pw, sizeof(new_pw), True))
{
return False;
}
#ifdef DEBUG_PASSWORD
DEBUG(0,("New Password: %s\n", new_pw));
#endif
#if 0
return mod_sam21pwd_entry(&pwd, True);
#else
return True;
#endif
nt_lm_owf_gen(new_pw, nt_hash, lm_hash);
new_pwd.smb_passwd = lm_hash;
new_pwd.smb_nt_passwd = nt_hash;
return mod_sam21pwd_entry(&new_pwd, True);
}
/*******************************************************************
@ -2031,7 +2046,6 @@ static void samr_reply_set_userinfo(SAMR_Q_SET_USERINFO *q_u,
case 24:
{
SAM_USER_INFO_24 *id24 = q_u->info.id24;
nt_lm_owf_gen("test", nt_pwd, lm_pwd);
SamOEMhash(id24->pass, user_sess_key, True);
status = set_user_info_24(id24, rid) ? 0 : (0xC0000000 | NT_STATUS_ACCESS_DENIED);
break;
@ -2526,7 +2540,7 @@ static void samr_reply_create_user(SAMR_Q_CREATE_USER *q_u,
pstring msg_str;
if (!local_password_change(user_name, True,
q_u->acb_info | ACB_DISABLED, 0xffff,
q_u->acb_info, 0xffff,
NULL,
err_str, sizeof(err_str),
msg_str, sizeof(msg_str)))