mirror of
https://github.com/reactos/reactos.git
synced 2025-08-04 08:15:41 +00:00
[SAMSRV]
SampSetUserPassword: - Update the password history only if the new password hash is not the empty password hash. - Set the empty LM or NT password hash if the password is not present in order to keep both password hashes synchronized. svn path=/trunk/; revision=59087
This commit is contained in:
Eric Kohl
parent
8c5db4e1bf
commit
019335405c
1 changed files with 139 additions and 120 deletions
|
|
@ -397,8 +397,21 @@ SampSetUserPassword(IN PSAM_DB_OBJECT UserObject,
|
|||
ULONG CurrentHistoryLength;
|
||||
ULONG MaxHistoryLength = 3;
|
||||
ULONG Length = 0;
|
||||
BOOLEAN UseNtPassword;
|
||||
BOOLEAN UseLmPassword;
|
||||
NTSTATUS Status;
|
||||
|
||||
UseNtPassword =
|
||||
((memcmp(NtPassword, &EmptyNtHash, sizeof(ENCRYPTED_NT_OWF_PASSWORD)) != 0) &&
|
||||
(NtPasswordPresent != FALSE));
|
||||
|
||||
UseLmPassword =
|
||||
((memcmp(LmPassword, &EmptyLmHash, sizeof(ENCRYPTED_LM_OWF_PASSWORD)) != 0) &&
|
||||
(LmPasswordPresent != FALSE));
|
||||
|
||||
/* Update the NT password history only if we have a new non-empty NT password */
|
||||
if (UseNtPassword)
|
||||
{
|
||||
/* Get the size of the NT history */
|
||||
SampGetObjectAttribute(UserObject,
|
||||
L"NTPwdHistory",
|
||||
|
|
@ -433,6 +446,40 @@ SampSetUserPassword(IN PSAM_DB_OBJECT UserObject,
|
|||
goto done;
|
||||
}
|
||||
|
||||
/* Move the old passwords down by one entry */
|
||||
if (NtHistoryLength > sizeof(ENCRYPTED_NT_OWF_PASSWORD))
|
||||
{
|
||||
MoveMemory(&(NtHistory[1]),
|
||||
&(NtHistory[0]),
|
||||
NtHistoryLength - sizeof(ENCRYPTED_NT_OWF_PASSWORD));
|
||||
}
|
||||
|
||||
/* Add the new password to the top of the history */
|
||||
if (NtPasswordPresent)
|
||||
{
|
||||
CopyMemory(&(NtHistory[0]),
|
||||
NtPassword,
|
||||
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
|
||||
}
|
||||
else
|
||||
{
|
||||
ZeroMemory(&(NtHistory[0]),
|
||||
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
|
||||
}
|
||||
|
||||
/* Set the history */
|
||||
Status = SampSetObjectAttribute(UserObject,
|
||||
L"NTPwdHistory",
|
||||
REG_BINARY,
|
||||
(PVOID)NtHistory,
|
||||
NtHistoryLength);
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
}
|
||||
|
||||
/* Update the LM password history only if we have a new non-empty LM password */
|
||||
if (UseLmPassword)
|
||||
{
|
||||
/* Get the size of the LM history */
|
||||
Length = 0;
|
||||
SampGetObjectAttribute(UserObject,
|
||||
|
|
@ -468,79 +515,6 @@ SampSetUserPassword(IN PSAM_DB_OBJECT UserObject,
|
|||
goto done;
|
||||
}
|
||||
|
||||
/* Set the new password */
|
||||
if (NtPasswordPresent)
|
||||
{
|
||||
Status = SampSetObjectAttribute(UserObject,
|
||||
L"NTPwd",
|
||||
REG_BINARY,
|
||||
(PVOID)NtPassword,
|
||||
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
}
|
||||
else
|
||||
{
|
||||
Status = SampSetObjectAttribute(UserObject,
|
||||
L"NTPwd",
|
||||
REG_BINARY,
|
||||
NULL,
|
||||
0);
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
}
|
||||
|
||||
if (LmPasswordPresent)
|
||||
{
|
||||
Status = SampSetObjectAttribute(UserObject,
|
||||
L"LMPwd",
|
||||
REG_BINARY,
|
||||
(PVOID)LmPassword,
|
||||
sizeof(ENCRYPTED_LM_OWF_PASSWORD));
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
}
|
||||
else
|
||||
{
|
||||
Status = SampSetObjectAttribute(UserObject,
|
||||
L"LMPwd",
|
||||
REG_BINARY,
|
||||
NULL,
|
||||
0);
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
}
|
||||
|
||||
/* Move the old passwords down by one entry */
|
||||
if (NtHistoryLength > sizeof(ENCRYPTED_NT_OWF_PASSWORD))
|
||||
{
|
||||
MoveMemory(&(NtHistory[1]),
|
||||
&(NtHistory[0]),
|
||||
NtHistoryLength - sizeof(ENCRYPTED_NT_OWF_PASSWORD));
|
||||
}
|
||||
|
||||
/* Add the new password on top of the history */
|
||||
if (NtPasswordPresent)
|
||||
{
|
||||
CopyMemory(&(NtHistory[0]),
|
||||
NtPassword,
|
||||
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
|
||||
}
|
||||
else
|
||||
{
|
||||
ZeroMemory(&(NtHistory[0]),
|
||||
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
|
||||
}
|
||||
|
||||
/* Set the history */
|
||||
Status = SampSetObjectAttribute(UserObject,
|
||||
L"NTPwdHistory",
|
||||
REG_BINARY,
|
||||
(PVOID)NtHistory,
|
||||
NtHistoryLength);
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
|
||||
/* Move the old passwords down by one entry */
|
||||
if (LmHistoryLength > sizeof(ENCRYPTED_LM_OWF_PASSWORD))
|
||||
{
|
||||
|
|
@ -549,7 +523,7 @@ SampSetUserPassword(IN PSAM_DB_OBJECT UserObject,
|
|||
LmHistoryLength - sizeof(ENCRYPTED_LM_OWF_PASSWORD));
|
||||
}
|
||||
|
||||
/* Add the new password on top of the history */
|
||||
/* Add the new password to the top of the history */
|
||||
if (LmPasswordPresent)
|
||||
{
|
||||
CopyMemory(&(LmHistory[0]),
|
||||
|
|
@ -570,6 +544,51 @@ SampSetUserPassword(IN PSAM_DB_OBJECT UserObject,
|
|||
LmHistoryLength);
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
}
|
||||
|
||||
/* Set the new NT password */
|
||||
if (UseNtPassword)
|
||||
{
|
||||
Status = SampSetObjectAttribute(UserObject,
|
||||
L"NTPwd",
|
||||
REG_BINARY,
|
||||
(PVOID)NtPassword,
|
||||
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
}
|
||||
else
|
||||
{
|
||||
Status = SampSetObjectAttribute(UserObject,
|
||||
L"NTPwd",
|
||||
REG_BINARY,
|
||||
&EmptyNtHash,
|
||||
sizeof(ENCRYPTED_NT_OWF_PASSWORD));
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
}
|
||||
|
||||
/* Set the new LM password */
|
||||
if (UseLmPassword)
|
||||
{
|
||||
Status = SampSetObjectAttribute(UserObject,
|
||||
L"LMPwd",
|
||||
REG_BINARY,
|
||||
(PVOID)LmPassword,
|
||||
sizeof(ENCRYPTED_LM_OWF_PASSWORD));
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
}
|
||||
else
|
||||
{
|
||||
Status = SampSetObjectAttribute(UserObject,
|
||||
L"LMPwd",
|
||||
REG_BINARY,
|
||||
&EmptyLmHash,
|
||||
sizeof(ENCRYPTED_LM_OWF_PASSWORD));
|
||||
if (!NT_SUCCESS(Status))
|
||||
goto done;
|
||||
}
|
||||
|
||||
done:
|
||||
if (NtHistory != NULL)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue