Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-04 04:45:45 +00:00
Code Issues Projects Releases Packages Wiki Activity

[SAMSRV]

Browse source 
SampSetUserPassword:
- Update the password history only if the new password hash is not the empty password hash.
- Set the empty LM or NT password hash if the password is not present in order to keep both password hashes synchronized.

svn path=/trunk/; revision=59087
This commit is contained in:
Eric Kohl 2013-05-27 12:48:59 +00:00
parent 8c5db4e1bf
commit 019335405c
1 changed files with 139 additions and 120 deletions
Download patch file Download diff file Expand all files Collapse all files

259
reactos/dll/win32/samsrv/user.c
View file

@ -397,79 +397,157 @@ SampSetUserPassword(IN PSAM_DB_OBJECT UserObject,
ULONG CurrentHistoryLength;
ULONG MaxHistoryLength = 3;
ULONG Length = 0;
BOOLEAN UseNtPassword;
BOOLEAN UseLmPassword;
NTSTATUS Status;
/* Get the size of the NT history */
SampGetObjectAttribute(UserObject,
L"NTPwdHistory",
NULL,
NULL,
&Length);
UseNtPassword =
((memcmp(NtPassword, &EmptyNtHash, sizeof(ENCRYPTED_NT_OWF_PASSWORD)) != 0) &&
(NtPasswordPresent != FALSE));
CurrentHistoryLength = Length / sizeof(ENCRYPTED_NT_OWF_PASSWORD);
if (CurrentHistoryLength < MaxHistoryLength)
{
NtHistoryLength = (CurrentHistoryLength + 1) * sizeof(ENCRYPTED_NT_OWF_PASSWORD);
}
else
{
NtHistoryLength = MaxHistoryLength * sizeof(ENCRYPTED_NT_OWF_PASSWORD);
}
UseLmPassword =
((memcmp(LmPassword, &EmptyLmHash, sizeof(ENCRYPTED_LM_OWF_PASSWORD)) != 0) &&
(LmPasswordPresent != FALSE));
/* Allocate the history buffer */
NtHistory = midl_user_allocate(NtHistoryLength);
if (NtHistory == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
if (Length > 0)
/* Update the NT password history only if we have a new non-empty NT password */
if (UseNtPassword)
{
/* Get the history */
Status = SampGetObjectAttribute(UserObject,
/* Get the size of the NT history */
SampGetObjectAttribute(UserObject,
L"NTPwdHistory",
NULL,
NULL,
&Length);
CurrentHistoryLength = Length / sizeof(ENCRYPTED_NT_OWF_PASSWORD);
if (CurrentHistoryLength < MaxHistoryLength)
{
NtHistoryLength = (CurrentHistoryLength + 1) * sizeof(ENCRYPTED_NT_OWF_PASSWORD);
}
else
{
NtHistoryLength = MaxHistoryLength * sizeof(ENCRYPTED_NT_OWF_PASSWORD);
}
/* Allocate the history buffer */
NtHistory = midl_user_allocate(NtHistoryLength);
if (NtHistory == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
if (Length > 0)
{
/* Get the history */
Status = SampGetObjectAttribute(UserObject,
L"NTPwdHistory",
NULL,
NtHistory,
&Length);
if (!NT_SUCCESS(Status))
goto done;
}
/* Move the old passwords down by one entry */
if (NtHistoryLength > sizeof(ENCRYPTED_NT_OWF_PASSWORD))
{
MoveMemory(&(NtHistory[1]),
&(NtHistory[0]),
NtHistoryLength - sizeof(ENCRYPTED_NT_OWF_PASSWORD));
}
/* Add the new password to the top of the history */
if (NtPasswordPresent)
{
CopyMemory(&(NtHistory[0]),
NtPassword,
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
}
else
{
ZeroMemory(&(NtHistory[0]),
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
}
/* Set the history */
Status = SampSetObjectAttribute(UserObject,
L"NTPwdHistory",
NULL,
NtHistory,
&Length);
REG_BINARY,
(PVOID)NtHistory,
NtHistoryLength);
if (!NT_SUCCESS(Status))
goto done;
}
/* Get the size of the LM history */
Length = 0;
SampGetObjectAttribute(UserObject,
L"LMPwdHistory",
NULL,
NULL,
&Length);
CurrentHistoryLength = Length / sizeof(ENCRYPTED_LM_OWF_PASSWORD);
if (CurrentHistoryLength < MaxHistoryLength)
/* Update the LM password history only if we have a new non-empty LM password */
if (UseLmPassword)
{
LmHistoryLength = (CurrentHistoryLength + 1) * sizeof(ENCRYPTED_LM_OWF_PASSWORD);
}
else
{
LmHistoryLength = MaxHistoryLength * sizeof(ENCRYPTED_LM_OWF_PASSWORD);
}
/* Get the size of the LM history */
Length = 0;
SampGetObjectAttribute(UserObject,
L"LMPwdHistory",
NULL,
NULL,
&Length);
/* Allocate the history buffer */
LmHistory = midl_user_allocate(LmHistoryLength);
if (LmHistory == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
CurrentHistoryLength = Length / sizeof(ENCRYPTED_LM_OWF_PASSWORD);
if (CurrentHistoryLength < MaxHistoryLength)
{
LmHistoryLength = (CurrentHistoryLength + 1) * sizeof(ENCRYPTED_LM_OWF_PASSWORD);
}
else
{
LmHistoryLength = MaxHistoryLength * sizeof(ENCRYPTED_LM_OWF_PASSWORD);
}
if (Length > 0)
{
/* Get the history */
Status = SampGetObjectAttribute(UserObject,
/* Allocate the history buffer */
LmHistory = midl_user_allocate(LmHistoryLength);
if (LmHistory == NULL)
return STATUS_INSUFFICIENT_RESOURCES;
if (Length > 0)
{
/* Get the history */
Status = SampGetObjectAttribute(UserObject,
L"LMPwdHistory",
NULL,
LmHistory,
&Length);
if (!NT_SUCCESS(Status))
goto done;
}
/* Move the old passwords down by one entry */
if (LmHistoryLength > sizeof(ENCRYPTED_LM_OWF_PASSWORD))
{
MoveMemory(&(LmHistory[1]),
&(LmHistory[0]),
LmHistoryLength - sizeof(ENCRYPTED_LM_OWF_PASSWORD));
}
/* Add the new password to the top of the history */
if (LmPasswordPresent)
{
CopyMemory(&(LmHistory[0]),
LmPassword,
sizeof(ENCRYPTED_LM_OWF_PASSWORD));
}
else
{
ZeroMemory(&(LmHistory[0]),
sizeof(ENCRYPTED_LM_OWF_PASSWORD));
}
/* Set the LM password history */
Status = SampSetObjectAttribute(UserObject,
L"LMPwdHistory",
NULL,
LmHistory,
&Length);
REG_BINARY,
(PVOID)LmHistory,
LmHistoryLength);
if (!NT_SUCCESS(Status))
goto done;
}
/* Set the new password */
if (NtPasswordPresent)
/* Set the new NT password */
if (UseNtPassword)
{
Status = SampSetObjectAttribute(UserObject,
L"NTPwd",
@ -484,13 +562,14 @@ SampSetUserPassword(IN PSAM_DB_OBJECT UserObject,
Status = SampSetObjectAttribute(UserObject,
L"NTPwd",
REG_BINARY,
NULL,
0);
&EmptyNtHash,
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
if (!NT_SUCCESS(Status))
goto done;
}
if (LmPasswordPresent)
/* Set the new LM password */
if (UseLmPassword)
{
Status = SampSetObjectAttribute(UserObject,
L"LMPwd",
@ -505,72 +584,12 @@ SampSetUserPassword(IN PSAM_DB_OBJECT UserObject,
Status = SampSetObjectAttribute(UserObject,
L"LMPwd",
REG_BINARY,
NULL,
0);
&EmptyLmHash,
sizeof(ENCRYPTED_LM_OWF_PASSWORD));
if (!NT_SUCCESS(Status))
goto done;
}
/* Move the old passwords down by one entry */
if (NtHistoryLength > sizeof(ENCRYPTED_NT_OWF_PASSWORD))
{
MoveMemory(&(NtHistory[1]),
&(NtHistory[0]),
NtHistoryLength - sizeof(ENCRYPTED_NT_OWF_PASSWORD));
}
/* Add the new password on top of the history */
if (NtPasswordPresent)
{
CopyMemory(&(NtHistory[0]),
NtPassword,
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
}
else
{
ZeroMemory(&(NtHistory[0]),
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
}
/* Set the history */
Status = SampSetObjectAttribute(UserObject,
L"NTPwdHistory",
REG_BINARY,
(PVOID)NtHistory,
NtHistoryLength);
if (!NT_SUCCESS(Status))
goto done;
/* Move the old passwords down by one entry */
if (LmHistoryLength > sizeof(ENCRYPTED_LM_OWF_PASSWORD))
{
MoveMemory(&(LmHistory[1]),
&(LmHistory[0]),
LmHistoryLength - sizeof(ENCRYPTED_LM_OWF_PASSWORD));
}
/* Add the new password on top of the history */
if (LmPasswordPresent)
{
CopyMemory(&(LmHistory[0]),
LmPassword,
sizeof(ENCRYPTED_LM_OWF_PASSWORD));
}
else
{
ZeroMemory(&(LmHistory[0]),
sizeof(ENCRYPTED_LM_OWF_PASSWORD));
}
/* Set the LM password history */
Status = SampSetObjectAttribute(UserObject,
L"LMPwdHistory",
REG_BINARY,
(PVOID)LmHistory,
LmHistoryLength);
if (!NT_SUCCESS(Status))
goto done;
done:
if (NtHistory != NULL)
midl_user_free(NtHistory);