Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-04-26 16:40:27 +00:00
Code Issues Projects Releases Packages Wiki Activity

[MSV1_0]

Browse source 
- MsvpChangePassword: Fix-up string pointers properly.
- MsvpCheckPassword: Modify password checks.

svn path=/trunk/; revision=60643
This commit is contained in:
Eric Kohl 2013-10-13 20:15:01 +00:00
parent e9b9e8be78
commit 20c2a55a62
1 changed files with 53 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

51
reactos/dll/win32/msv1_0/msv1_0.c
View file

@ -731,7 +731,7 @@ done:
static
NTSTATUS
ChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest,
MsvpChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest,
IN PVOID ProtocolSubmitBuffer,
IN PVOID ClientBufferBase,
IN ULONG SubmitBufferLength,
@ -749,10 +749,10 @@ ChangePassword(IN PLSA_CLIENT_REQUEST ClientRequest,
/* Fix-up pointers in the request buffer info */
PtrOffset = (ULONG_PTR)ProtocolSubmitBuffer - (ULONG_PTR)ClientBufferBase;
RequestBuffer->DomainName.Buffer = (PWSTR)((ULONG_PTR)RequestBuffer->DomainName.Buffer + PtrOffset);
RequestBuffer->AccountName.Buffer = (PWSTR)((ULONG_PTR)RequestBuffer->AccountName.Buffer + PtrOffset);
RequestBuffer->OldPassword.Buffer = (PWSTR)((ULONG_PTR)RequestBuffer->OldPassword.Buffer + PtrOffset);
RequestBuffer->NewPassword.Buffer = (PWSTR)((ULONG_PTR)RequestBuffer->NewPassword.Buffer + PtrOffset);
RequestBuffer->DomainName.Buffer = FIXUP_POINTER(RequestBuffer->DomainName.Buffer, PtrOffset);
RequestBuffer->AccountName.Buffer = FIXUP_POINTER(RequestBuffer->AccountName.Buffer, PtrOffset);
RequestBuffer->OldPassword.Buffer = FIXUP_POINTER(RequestBuffer->OldPassword.Buffer, PtrOffset);
RequestBuffer->NewPassword.Buffer = FIXUP_POINTER(RequestBuffer->NewPassword.Buffer, PtrOffset);
TRACE("Domain: %S\n", RequestBuffer->DomainName.Buffer);
TRACE("Account: %S\n", RequestBuffer->AccountName.Buffer);
@ -807,36 +807,49 @@ MsvpCheckPassword(PUNICODE_STRING UserPassword,
UserNtPasswordPresent = TRUE;
}
Status = STATUS_SUCCESS;
Status = STATUS_WRONG_PASSWORD;
/* Succeed, if no password has been set */
if (UserInfo->All.NtPasswordPresent == FALSE &&
UserInfo->All.LmPasswordPresent == FALSE)
{
TRACE("No password check!\n");
Status = STATUS_SUCCESS;
goto done;
}
/* Succeed, if NT password matches */
if (UserNtPasswordPresent && UserInfo->All.NtPasswordPresent)
{
TRACE("Check NT password hashes:\n");
if (!RtlEqualMemory(&UserNtPassword,
if (RtlEqualMemory(&UserNtPassword,
UserInfo->All.NtOwfPassword.Buffer,
sizeof(ENCRYPTED_NT_OWF_PASSWORD)))
{
TRACE(" success!\n");
Status = STATUS_SUCCESS;
goto done;
}
TRACE(" failed!\n");
Status = STATUS_WRONG_PASSWORD;
}
}
else if (UserLmPasswordPresent && UserInfo->All.LmPasswordPresent)
/* Succeed, if LM password matches */
if (UserLmPasswordPresent && UserInfo->All.LmPasswordPresent)
{
TRACE("Check LM password hashes:\n");
if (!RtlEqualMemory(&UserLmPassword,
if (RtlEqualMemory(&UserLmPassword,
UserInfo->All.LmOwfPassword.Buffer,
sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
{
TRACE(" success!\n");
Status = STATUS_SUCCESS;
goto done;
}
TRACE(" failed!\n");
Status = STATUS_WRONG_PASSWORD;
}
}
else
{
TRACE("No matching hashes available!\n");
Status = STATUS_WRONG_PASSWORD;
}
done:
return Status;
}
@ -878,7 +891,7 @@ LsaApCallPackage(IN PLSA_CLIENT_REQUEST ClientRequest,
break;
case MsV1_0ChangePassword:
Status = ChangePassword(ClientRequest,
Status = MsvpChangePassword(ClientRequest,
ProtocolSubmitBuffer,
ClientBufferBase,
SubmitBufferLength,