sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-11-23 20:23:50 +03:00
Code Activity

r19464: Reject passwords that cannot be converted into UCS2.

Browse Source 
Andrew Bartlett
This commit is contained in:
Andrew Bartlett
2006-10-23 06:06:35 +00:00
committed by Gerald (Jerry) Carter
parent a28a17c508
commit c843fce7a0
2 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
source/dsdb/samdb/samdb.c
View File

@@ -1249,7 +1249,13 @@ _PUBLIC_ NTSTATUS samdb_set_password(struct ldb_context *ctx, TALLOC_CTX *mem_ct
if (E_deshash(new_pass, local_lmNewHash.hash)) { if (E_deshash(new_pass, local_lmNewHash.hash)) {
lmNewHash = &local_lmNewHash; lmNewHash = &local_lmNewHash;
} }
E_md4hash(new_pass, local_ntNewHash.hash); if (!E_md4hash(new_pass, local_ntNewHash.hash)) {
/* If we can't convert this password to UCS2, then we should not accept it */
if (reject_reason) {
*reject_reason = SAMR_REJECT_OTHER;
}
return NT_STATUS_PASSWORD_RESTRICTION;
}
ntNewHash = &local_ntNewHash; ntNewHash = &local_ntNewHash;
} }

10
source/libcli/auth/smbencrypt.c
View File

@@ -63,18 +63,24 @@ BOOL SMBencrypt(const char *passwd, const uint8_t *c8, uint8_t p24[24])
* @param p16 return password hashed with md4, caller allocated 16 byte buffer * @param p16 return password hashed with md4, caller allocated 16 byte buffer
*/ */
void E_md4hash(const char *passwd, uint8_t p16[16]) BOOL E_md4hash(const char *passwd, uint8_t p16[16])
{ {
int len; int len;
void *wpwd; void *wpwd;
len = push_ucs2_talloc(NULL, &wpwd, passwd); len = push_ucs2_talloc(NULL, &wpwd, passwd);
SMB_ASSERT(len >= 2); if (len < 2) {
/* We don't want to return fixed data, as most callers
* don't check */
mdfour(p16, passwd, strlen(passwd));
return False;
}
len -= 2; len -= 2;
mdfour(p16, wpwd, len); mdfour(p16, wpwd, len);
talloc_free(wpwd); talloc_free(wpwd);
return True;
} }
/** /**