Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-02-24 09:25:10 +00:00
Code Issues Projects Releases Packages Wiki Activity

[SAMSRV]

Browse source 
SamrChangePasswordUser: Check the old password before storing the new one.

svn path=/trunk/; revision=59449
This commit is contained in:
Eric Kohl 2013-07-07 20:27:38 +00:00
parent fd86dd4500
commit aa04fb3639
1 changed files with 88 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

74
reactos/dll/win32/samsrv/samrpc.c
View file

@ -7471,12 +7471,18 @@ SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle,
{
ENCRYPTED_LM_OWF_PASSWORD StoredLmPassword;
ENCRYPTED_NT_OWF_PASSWORD StoredNtPassword;
PENCRYPTED_LM_OWF_PASSWORD OldLmPassword;
PENCRYPTED_LM_OWF_PASSWORD NewLmPassword;
PENCRYPTED_NT_OWF_PASSWORD OldNtPassword;
PENCRYPTED_NT_OWF_PASSWORD NewNtPassword;
PSAM_DB_OBJECT UserObject;
ULONG Length;
NTSTATUS Status;
TRACE("(%p %u %u)\n",
UserHandle, LmPresent, NtPresent);
TRACE("(%p %u %p %p %u %p %p %u %p %u %p)\n",
UserHandle, LmPresent, OldLmEncryptedWithNewLm, NewLmEncryptedWithOldLm,
NtPresent, OldNtEncryptedWithNewNt, NewNtEncryptedWithOldNt, NtCrossEncryptionPresent,
NewNtEncryptedWithNewLm, LmCrossEncryptionPresent, NewLmEncryptedWithNewNt);
/* Validate the user handle */
Status = SampValidateDbObject(UserHandle,
@ -7513,17 +7519,74 @@ SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle,
}
/* FIXME: Check if the old passwords match the stored ones */
/* FIXME: Decrypt passwords */
OldLmPassword = OldLmEncryptedWithNewLm;
NewLmPassword = NewLmEncryptedWithOldLm;
OldNtPassword = OldNtEncryptedWithNewNt;
NewNtPassword = NewNtEncryptedWithOldNt;
/* Check if the old passwords match the stored ones */
if (NtPresent)
{
if (LmPresent)
{
if (!RtlEqualMemory(&StoredLmPassword,
OldLmPassword,
sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
{
TRACE("Old LM Password does not match!\n");
Status = STATUS_WRONG_PASSWORD;
}
else
{
if (!RtlEqualMemory(&StoredNtPassword,
OldNtPassword,
sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
{
TRACE("Old NT Password does not match!\n");
Status = STATUS_WRONG_PASSWORD;
}
}
}
else
{
if (!RtlEqualMemory(&StoredNtPassword,
OldNtPassword,
sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
{
TRACE("Old NT Password does not match!\n");
Status = STATUS_WRONG_PASSWORD;
}
}
}
else
{
if (LmPresent)
{
if (!RtlEqualMemory(&StoredLmPassword,
OldLmPassword,
sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
{
TRACE("Old LM Password does not match!\n");
Status = STATUS_WRONG_PASSWORD;
}
}
else
{
Status = STATUS_INVALID_PARAMETER;
}
}
/* Store the new LM password */
if (NT_SUCCESS(Status))
{
if (LmPresent)
{
Length = sizeof(ENCRYPTED_LM_OWF_PASSWORD);
Status = SampSetObjectAttribute(UserObject,
L"LMPwd",
REG_BINARY,
NewLmEncryptedWithOldLm,
NewLmPassword,
Length);
if (!NT_SUCCESS(Status))
{
@ -7538,13 +7601,14 @@ SamrChangePasswordUser(IN SAMPR_HANDLE UserHandle,
Status = SampSetObjectAttribute(UserObject,
L"NTPwd",
REG_BINARY,
NewNtEncryptedWithOldNt,
NewNtPassword,
Length);
if (!NT_SUCCESS(Status))
{
goto done;
}
}
}
done: