diff --git a/source/include/proto.h b/source/include/proto.h index 96385144a66..caf53667c88 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -753,7 +753,7 @@ void SamOEMhash( unsigned char *data, unsigned char *key, int val); void SMBencrypt(uchar *passwd, uchar *c8, uchar *p24); void E_md4hash(uchar *passwd, uchar *p16); -void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16]); +void nt_lm_owf_gen(const char *pwd, uchar nt_p16[16], uchar p16[16]); void SMBOWFencrypt(uchar passwd[16], uchar *c8, uchar p24[24]); void NTLMSSPOWFencrypt(uchar passwd[8], uchar *ntlmchalresp, uchar p24[24]); void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24); @@ -1516,6 +1516,7 @@ struct sam_passwd *getsam21pwntnam(const char *name); struct sam_passwd *getsam21pwrid(uint32 rid); void pwdb_init_sam(struct sam_passwd *user); struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user); +void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from); struct smb_passwd *pwdb_sam_to_smb(struct sam_passwd *user); struct sam_passwd *pwdb_smb_to_sam(struct smb_passwd *user); struct sam_passwd *pwdb_sam_map_names(struct sam_passwd *sam); diff --git a/source/libsmb/smbencrypt.c b/source/libsmb/smbencrypt.c index 24945bc1422..f0bfbd9b843 100644 --- a/source/libsmb/smbencrypt.c +++ b/source/libsmb/smbencrypt.c @@ -106,7 +106,7 @@ void E_md4hash(uchar *passwd, uchar *p16) } /* Does both the NT and LM owfs of a user's password */ -void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16]) +void nt_lm_owf_gen(const char *pwd, uchar nt_p16[16], uchar p16[16]) { char passwd[130]; diff --git a/source/passdb/sampassdb.c b/source/passdb/sampassdb.c index 7c824cb7ca1..13474eda782 100644 --- a/source/passdb/sampassdb.c +++ b/source/passdb/sampassdb.c @@ -134,6 +134,9 @@ struct sam_passwd *getsam21pwent(void *vp) BOOL mod_sam21pwd_entry(struct sam_passwd* pwd, BOOL override) { + DEBUG(10,("mod_sam21pwd_entry: unix user %s rid %d\n", + pwd->unix_name, pwd->user_rid)); + return pwdb_ops->mod_sam21pwd_entry(pwdb_sam_map_names(pwd), override); } @@ -339,6 +342,150 @@ struct sam_disp_info *pwdb_sam_to_dispinfo(struct sam_passwd *user) return &disp_info; } +/************************************************************* + copies a sam passwd. + **************************************************************/ +void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from) +{ + static fstring nt_name; + static fstring unix_name; + static fstring full_name; + static fstring home_dir; + static fstring dir_drive; + static fstring logon_script; + static fstring profile_path; + static fstring acct_desc; + static fstring workstations; + static fstring unknown_str; + static fstring munged_dial; + + if (from == NULL || to == NULL) return; + + memcpy(to, from, sizeof(*from)); + + if (from->nt_name != NULL) + { + fstrcpy(nt_name , from->nt_name); + to->nt_name = nt_name; + } + else if (to->nt_name != NULL) + { + fstrcpy(nt_name , to->nt_name); + to->nt_name = nt_name; + } + + if (from->unix_name != NULL) + { + fstrcpy(unix_name, from->unix_name); + to->unix_name = unix_name; + } + else if (to->unix_name != NULL) + { + fstrcpy(unix_name, to->unix_name); + to->unix_name = unix_name; + } + + if (from->full_name != NULL) + { + fstrcpy(full_name, from->full_name); + to->full_name = full_name; + } + else if (to->full_name != NULL) + { + fstrcpy(full_name, to->full_name); + to->full_name = full_name; + } + + if (from->home_dir != NULL) + { + fstrcpy(home_dir , from->home_dir); + to->home_dir = home_dir; + } + else if (to->home_dir != NULL) + { + fstrcpy(home_dir , to->home_dir); + to->home_dir = home_dir; + } + + if (from->dir_drive != NULL) + { + fstrcpy(dir_drive , from->dir_drive); + to->dir_drive = dir_drive; + } + else if (to->dir_drive != NULL) + { + fstrcpy(dir_drive , to->dir_drive); + to->dir_drive = dir_drive; + } + + if (from->logon_script != NULL) + { + fstrcpy(logon_script , from->logon_script); + to->logon_script = logon_script; + } + else if (to->logon_script != NULL) + { + fstrcpy(logon_script , to->logon_script); + to->logon_script = logon_script; + } + + if (from->profile_path != NULL) + { + fstrcpy(profile_path , from->profile_path); + to->profile_path = profile_path; + } + else if (to->profile_path != NULL) + { + fstrcpy(profile_path , to->profile_path); + to->profile_path = profile_path; + } + + if (from->acct_desc != NULL) + { + fstrcpy(acct_desc , from->acct_desc); + to->acct_desc = acct_desc; + } + else if (to->acct_desc != NULL) + { + fstrcpy(acct_desc , to->acct_desc); + to->acct_desc = acct_desc; + } + + if (from->workstations != NULL) + { + fstrcpy(workstations , from->workstations); + to->workstations = workstations; + } + else if (to->workstations != NULL) + { + fstrcpy(workstations , to->workstations); + to->workstations = workstations; + } + + if (from->unknown_str != NULL) + { + fstrcpy(unknown_str , from->unknown_str); + to->unknown_str = unknown_str; + } + else if (to->unknown_str != NULL) + { + fstrcpy(unknown_str , to->unknown_str); + to->unknown_str = unknown_str; + } + + if (from->munged_dial != NULL) + { + fstrcpy(munged_dial , from->munged_dial); + to->munged_dial = munged_dial; + } + else if (to->munged_dial != NULL) + { + fstrcpy(munged_dial , to->munged_dial); + to->munged_dial = munged_dial; + } +} + + /************************************************************* converts a sam_passwd structure to a smb_passwd structure. **************************************************************/ diff --git a/source/passdb/smbpasschange.c b/source/passdb/smbpasschange.c index f266e937de6..a46ce81c107 100644 --- a/source/passdb/smbpasschange.c +++ b/source/passdb/smbpasschange.c @@ -80,7 +80,7 @@ BOOL local_password_change(char *user_name, *err_str = '\0'; *msg_str = '\0'; - pwd = getpwnam(user_name); + pwd = Get_Pwnam(user_name, False); /* * Check for a trust account. diff --git a/source/rpc_server/srv_samr.c b/source/rpc_server/srv_samr.c index b0fc64a2e7d..15b2159383e 100644 --- a/source/rpc_server/srv_samr.c +++ b/source/rpc_server/srv_samr.c @@ -1948,20 +1948,35 @@ static void samr_reply_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u, ********************************************************************/ static BOOL set_user_info_24(SAM_USER_INFO_24 *id24, uint32 rid) { - static struct sam_passwd *pwd; - fstring new_pw; + struct sam_passwd *pwd = getsam21pwrid(rid); + struct sam_passwd new_pwd; + static uchar nt_hash[16]; + static uchar lm_hash[16]; + pstring new_pw; + + if (pwd == NULL) + { + return False; + } + + pwdb_init_sam(&new_pwd); + copy_sam_passwd(&new_pwd, pwd); + if (!decode_pw_buffer(id24->pass, new_pw, sizeof(new_pw), True)) { return False; } + #ifdef DEBUG_PASSWORD DEBUG(0,("New Password: %s\n", new_pw)); #endif -#if 0 - return mod_sam21pwd_entry(&pwd, True); -#else - return True; -#endif + + nt_lm_owf_gen(new_pw, nt_hash, lm_hash); + + new_pwd.smb_passwd = lm_hash; + new_pwd.smb_nt_passwd = nt_hash; + + return mod_sam21pwd_entry(&new_pwd, True); } /******************************************************************* @@ -2031,7 +2046,6 @@ static void samr_reply_set_userinfo(SAMR_Q_SET_USERINFO *q_u, case 24: { SAM_USER_INFO_24 *id24 = q_u->info.id24; - nt_lm_owf_gen("test", nt_pwd, lm_pwd); SamOEMhash(id24->pass, user_sess_key, True); status = set_user_info_24(id24, rid) ? 0 : (0xC0000000 | NT_STATUS_ACCESS_DENIED); break; @@ -2526,7 +2540,7 @@ static void samr_reply_create_user(SAMR_Q_CREATE_USER *q_u, pstring msg_str; if (!local_password_change(user_name, True, - q_u->acb_info | ACB_DISABLED, 0xffff, + q_u->acb_info, 0xffff, NULL, err_str, sizeof(err_str), msg_str, sizeof(msg_str)))