The branch, master has been updated
via c400fc1e1e9a0c3db82c9a96e9684c8debfb3b74 (commit)
via b9fa8285f77a8748b815f6ca6eaaf77767223bff (commit)
from 41cb06fba7126c79fe536321f2dc461e87e83076 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c400fc1e1e9a0c3db82c9a96e9684c8debfb3b74
Author: Günther Deschner <[email protected]>
Date: Thu May 7 23:54:58 2009 +0200
s3-samr: disable check for ACB_DISABLED in check_oem_password().
It is a bad idea to just tell everyone that an account is disabled without
really having checked the password first.
Found by torture test.
Guenther
commit b9fa8285f77a8748b815f6ca6eaaf77767223bff
Author: Günther Deschner <[email protected]>
Date: Thu May 7 23:22:26 2009 +0200
s3-samr: rework check_oem_password() to take a struct samu, not to return
one.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/chgpasswd.c | 71 ++++++++++++++++++++--------------------------
1 files changed, 31 insertions(+), 40 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index 72f06fb..dd1864e 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -53,7 +53,7 @@ static NTSTATUS check_oem_password(const char *user,
const uchar old_lm_hash_encrypted[16],
uchar password_encrypted_with_nt_hash[516],
const uchar old_nt_hash_encrypted[16],
- struct samu **hnd,
+ struct samu *sampass,
char **pp_new_passwd);
#if ALLOW_CHANGE_PASSWORD
@@ -782,15 +782,33 @@ NTSTATUS pass_oem_change(char *user,
{
char *new_passwd = NULL;
struct samu *sampass = NULL;
- NTSTATUS nt_status = check_oem_password(user,
- password_encrypted_with_lm_hash,
- old_lm_hash_encrypted,
- password_encrypted_with_nt_hash,
- old_nt_hash_encrypted,
- &sampass,
- &new_passwd);
+ NTSTATUS nt_status;
+ bool ret = false;
+
+ if (!(sampass = samu_new(NULL))) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ become_root();
+ ret = pdb_getsampwnam(sampass, user);
+ unbecome_root();
+
+ if (ret == false) {
+ DEBUG(0,("pass_oem_change: getsmbpwnam returned NULL\n"));
+ TALLOC_FREE(sampass);
+ return NT_STATUS_NO_SUCH_USER;
+ }
+
+ nt_status = check_oem_password(user,
+ password_encrypted_with_lm_hash,
+ old_lm_hash_encrypted,
+ password_encrypted_with_nt_hash,
+ old_nt_hash_encrypted,
+ sampass,
+ &new_passwd);
if (!NT_STATUS_IS_OK(nt_status)) {
+ TALLOC_FREE(sampass);
return nt_status;
}
@@ -823,12 +841,11 @@ static NTSTATUS check_oem_password(const char *user,
const uchar old_lm_hash_encrypted[16],
uchar password_encrypted_with_nt_hash[516],
const uchar old_nt_hash_encrypted[16],
- struct samu **hnd,
+ struct samu *sampass,
char **pp_new_passwd)
{
uchar null_pw[16];
uchar null_ntpw[16];
- struct samu *sampass = NULL;
uint8 *password_encrypted;
const uint8 *encryption_key;
const uint8 *lanman_pw, *nt_pw;
@@ -838,35 +855,20 @@ static NTSTATUS check_oem_password(const char *user,
uchar new_lm_hash[16];
uchar verifier[16];
char no_pw[2];
- bool ret;
bool nt_pass_set = (password_encrypted_with_nt_hash &&
old_nt_hash_encrypted);
bool lm_pass_set = (password_encrypted_with_lm_hash &&
old_lm_hash_encrypted);
- *hnd = NULL;
-
- if ( !(sampass = samu_new( NULL )) ) {
- return NT_STATUS_NO_MEMORY;
- }
-
- become_root();
- ret = pdb_getsampwnam(sampass, user);
- unbecome_root();
-
- if (ret == False) {
- DEBUG(0, ("check_oem_password: getsmbpwnam returned NULL\n"));
- TALLOC_FREE(sampass);
- return NT_STATUS_NO_SUCH_USER;
- }
-
acct_ctrl = pdb_get_acct_ctrl(sampass);
+#if 0
+ /* I am convinced this check here is wrong, it is valid to
+ * change a password of a user that has a disabled account - gd */
if (acct_ctrl & ACB_DISABLED) {
DEBUG(2,("check_lanman_password: account %s disabled.\n",
user));
- TALLOC_FREE(sampass);
return NT_STATUS_ACCOUNT_DISABLED;
}
-
+#endif
if ((acct_ctrl & ACB_PWNOTREQ) && lp_null_passwords()) {
/* construct a null password (in case one is needed */
no_pw[0] = 0;
@@ -898,7 +900,6 @@ static NTSTATUS check_oem_password(const char *user,
} else if (nt_pass_set) {
DEBUG(1, ("NT password change supplied for user %s, but we have
no NT password to check it with\n",
user));
- TALLOC_FREE(sampass);
return NT_STATUS_WRONG_PASSWORD;
} else if (lm_pass_set) {
if (lp_lanman_auth()) {
@@ -908,12 +909,10 @@ static NTSTATUS check_oem_password(const char *user,
DEBUG(1, ("LM password change supplied for user %s, but
we have disabled LanMan authentication\n",
user));
}
- TALLOC_FREE(sampass);
return NT_STATUS_WRONG_PASSWORD;
} else {
DEBUG(1, ("password change requested for user %s, but no
password supplied!\n",
user));
- TALLOC_FREE(sampass);
return NT_STATUS_WRONG_PASSWORD;
}
@@ -927,7 +926,6 @@ static NTSTATUS check_oem_password(const char *user,
pp_new_passwd,
&new_pw_len,
nt_pass_set ? CH_UTF16 : CH_DOS)) {
- TALLOC_FREE(sampass);
return NT_STATUS_WRONG_PASSWORD;
}
@@ -950,7 +948,6 @@ static NTSTATUS check_oem_password(const char *user,
E_old_pw_hash(new_nt_hash, nt_pw, verifier);
if (memcmp(verifier, old_nt_hash_encrypted, 16)) {
DEBUG(0,("check_oem_password: old lm password
doesn't match.\n"));
- TALLOC_FREE(sampass);
return NT_STATUS_WRONG_PASSWORD;
}
@@ -967,7 +964,6 @@ static NTSTATUS check_oem_password(const char *user,
DEBUG(100,
("check_oem_password: password %s ok\n",
*pp_new_passwd));
#endif
- *hnd = sampass;
return NT_STATUS_OK;
}
@@ -978,14 +974,12 @@ static NTSTATUS check_oem_password(const char *user,
E_old_pw_hash(new_nt_hash, lanman_pw, verifier);
if (memcmp(verifier, old_lm_hash_encrypted, 16)) {
DEBUG(0,("check_oem_password: old lm password
doesn't match.\n"));
- TALLOC_FREE(sampass);
return NT_STATUS_WRONG_PASSWORD;
}
#ifdef DEBUG_PASSWORD
DEBUG(100,
("check_oem_password: password %s ok\n",
*pp_new_passwd));
#endif
- *hnd = sampass;
return NT_STATUS_OK;
}
}
@@ -1000,7 +994,6 @@ static NTSTATUS check_oem_password(const char *user,
E_old_pw_hash(new_lm_hash, lanman_pw, verifier);
if (memcmp(verifier, old_lm_hash_encrypted, 16)) {
DEBUG(0,("check_oem_password: old lm password doesn't
match.\n"));
- TALLOC_FREE(sampass);
return NT_STATUS_WRONG_PASSWORD;
}
@@ -1008,12 +1001,10 @@ static NTSTATUS check_oem_password(const char *user,
DEBUG(100,
("check_oem_password: password %s ok\n", *pp_new_passwd));
#endif
- *hnd = sampass;
return NT_STATUS_OK;
}
/* should not be reached */
- TALLOC_FREE(sampass);
return NT_STATUS_WRONG_PASSWORD;
}
--
Samba Shared Repository
