[SAMLIB]

SamSetInformationUser: Add password length checks. svn path=/trunk/; revision=59628
2024-10-06 09:24:11 +00:00 · 2013-08-03 16:40:00 +00:00 · 2013-08-03 16:40:00 +00:00 · 71be5b87ee
parent badde5f428
commit 71be5b87ee
1 changed files with 60 additions and 0 deletions
--- a/reactos/dll/win32/samlib/samlib.c
+++ b/reactos/dll/win32/samlib/samlib.c
@ -112,6 +112,42 @@ PSAMPR_SERVER_NAME_unbind(PSAMPR_SERVER_NAME pszSystemName,
 }


+NTSTATUS
+SampCheckPassword(IN SAMPR_HANDLE UserHandle,
+                  IN PUNICODE_STRING Password)
+{
+    USER_DOMAIN_PASSWORD_INFORMATION DomainPasswordInformation;
+    ULONG PasswordLength;
+    NTSTATUS Status;
+
+    TRACE("(%p %p)\n", UserHandle, Password);
+
+    /* Get the domain password information */
+    Status = SamrGetUserDomainPasswordInformation(UserHandle,
+                                                  &DomainPasswordInformation);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SamrGetUserDomainPasswordInformation failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
+    PasswordLength = (ULONG)(Password->Length / sizeof(WCHAR));
+
+    /* Fail if the password is too short or too long */
+    if ((PasswordLength < DomainPasswordInformation.MinPasswordLength) ||
+        (PasswordLength > 256))
+        return STATUS_PASSWORD_RESTRICTION;
+
+    /* Check the password complexity */
+    if (DomainPasswordInformation.PasswordProperties & DOMAIN_PASSWORD_COMPLEX)
+    {
+        /* FIXME */
+    }
+
+    return STATUS_SUCCESS;
+}
+
+
 NTSTATUS
 NTAPI
 SamAddMemberToAlias(IN SAM_HANDLE AliasHandle,
@ -1725,6 +1761,7 @@ SamSetInformationUser(IN SAM_HANDLE UserHandle,
 {
    PSAMPR_USER_SET_PASSWORD_INFORMATION PasswordBuffer;
    SAMPR_USER_INTERNAL1_INFORMATION Internal1Buffer;
+    PUSER_ALL_INFORMATION AllBuffer;
    OEM_STRING LmPwdString;
    CHAR LmPwdBuffer[15];
    NTSTATUS Status;
@ -1736,6 +1773,14 @@ SamSetInformationUser(IN SAM_HANDLE UserHandle,
    {
        PasswordBuffer = (PSAMPR_USER_SET_PASSWORD_INFORMATION)Buffer;

+        Status = SampCheckPassword(UserHandle,
+                                   (PUNICODE_STRING)&PasswordBuffer->Password);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("SampCheckPassword failed (Status 0x%08lx)\n", Status);
+            return Status;
+        }
+
        /* Calculate the NT hash value of the passord */
        Status = SystemFunction007((PUNICODE_STRING)&PasswordBuffer->Password,
                                   (LPBYTE)&Internal1Buffer.EncryptedNtOwfPassword);
@ -1786,6 +1831,21 @@ SamSetInformationUser(IN SAM_HANDLE UserHandle,
            return Status;
        }
    }
+    else if (UserInformationClass == UserAllInformation)
+    {
+        AllBuffer = (PUSER_ALL_INFORMATION)Buffer;
+
+        if (AllBuffer->WhichFields & (USER_ALL_LMPASSWORDPRESENT | USER_ALL_NTPASSWORDPRESENT))
+        {
+            Status = SampCheckPassword(UserHandle,
+                                       &AllBuffer->NtPassword);
+            if (!NT_SUCCESS(Status))
+            {
+                TRACE("SampCheckPassword failed (Status 0x%08lx)\n", Status);
+                return Status;
+            }
+        }
+    }

    RpcTryExcept
    {