Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-06 09:52:56 +00:00
Code Issues Projects Releases Packages Wiki Activity

[SAMLIB]

Browse source 
SamSetInformationUser: Add password length checks.

svn path=/trunk/; revision=59628
This commit is contained in:
Eric Kohl 2013-08-03 16:40:00 +00:00
parent badde5f428
commit 71be5b87ee
1 changed files with 60 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

60
reactos/dll/win32/samlib/samlib.c
View file

@ -112,6 +112,42 @@ PSAMPR_SERVER_NAME_unbind(PSAMPR_SERVER_NAME pszSystemName,
} }
NTSTATUS
SampCheckPassword(IN SAMPR_HANDLE UserHandle,
IN PUNICODE_STRING Password)
{
USER_DOMAIN_PASSWORD_INFORMATION DomainPasswordInformation;
ULONG PasswordLength;
NTSTATUS Status;
TRACE("(%p %p)\n", UserHandle, Password);
/* Get the domain password information */
Status = SamrGetUserDomainPasswordInformation(UserHandle,
&DomainPasswordInformation);
if (!NT_SUCCESS(Status))
{
TRACE("SamrGetUserDomainPasswordInformation failed (Status 0x%08lx)\n", Status);
return Status;
}
PasswordLength = (ULONG)(Password->Length / sizeof(WCHAR));
/* Fail if the password is too short or too long */
if ((PasswordLength < DomainPasswordInformation.MinPasswordLength) ||
(PasswordLength > 256))
return STATUS_PASSWORD_RESTRICTION;
/* Check the password complexity */
if (DomainPasswordInformation.PasswordProperties & DOMAIN_PASSWORD_COMPLEX)
{
/* FIXME */
}
return STATUS_SUCCESS;
}
NTSTATUS NTSTATUS
NTAPI NTAPI
SamAddMemberToAlias(IN SAM_HANDLE AliasHandle, SamAddMemberToAlias(IN SAM_HANDLE AliasHandle,
@ -1725,6 +1761,7 @@ SamSetInformationUser(IN SAM_HANDLE UserHandle,
{ {
PSAMPR_USER_SET_PASSWORD_INFORMATION PasswordBuffer; PSAMPR_USER_SET_PASSWORD_INFORMATION PasswordBuffer;
SAMPR_USER_INTERNAL1_INFORMATION Internal1Buffer; SAMPR_USER_INTERNAL1_INFORMATION Internal1Buffer;
PUSER_ALL_INFORMATION AllBuffer;
OEM_STRING LmPwdString; OEM_STRING LmPwdString;
CHAR LmPwdBuffer[15]; CHAR LmPwdBuffer[15];
NTSTATUS Status; NTSTATUS Status;
@ -1736,6 +1773,14 @@ SamSetInformationUser(IN SAM_HANDLE UserHandle,
{ {
PasswordBuffer = (PSAMPR_USER_SET_PASSWORD_INFORMATION)Buffer; PasswordBuffer = (PSAMPR_USER_SET_PASSWORD_INFORMATION)Buffer;
Status = SampCheckPassword(UserHandle,
(PUNICODE_STRING)&PasswordBuffer->Password);
if (!NT_SUCCESS(Status))
{
TRACE("SampCheckPassword failed (Status 0x%08lx)\n", Status);
return Status;
}
/* Calculate the NT hash value of the passord */ /* Calculate the NT hash value of the passord */
Status = SystemFunction007((PUNICODE_STRING)&PasswordBuffer->Password, Status = SystemFunction007((PUNICODE_STRING)&PasswordBuffer->Password,
(LPBYTE)&Internal1Buffer.EncryptedNtOwfPassword); (LPBYTE)&Internal1Buffer.EncryptedNtOwfPassword);
@ -1786,6 +1831,21 @@ SamSetInformationUser(IN SAM_HANDLE UserHandle,
return Status; return Status;
} }
} }
else if (UserInformationClass == UserAllInformation)
{
AllBuffer = (PUSER_ALL_INFORMATION)Buffer;
if (AllBuffer->WhichFields & (USER_ALL_LMPASSWORDPRESENT | USER_ALL_NTPASSWORDPRESENT))
{
Status = SampCheckPassword(UserHandle,
&AllBuffer->NtPassword);
if (!NT_SUCCESS(Status))
{
TRACE("SampCheckPassword failed (Status 0x%08lx)\n", Status);
return Status;
}
}
}
RpcTryExcept RpcTryExcept
{ {