source3/libsmb/pwd_cache.c

   1 /*
   2    Unix SMB/Netbios implementation.
   3    Version 1.9.
   4    Password cacheing.  obfuscation is planned
   5    Copyright (C) Luke Kenneth Casson Leighton 1996-1998
   6
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 2 of the License, or
  10    (at your option) any later version.
  11
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16
  17    You should have received a copy of the GNU General Public License
  18    along with this program; if not, write to the Free Software
  19    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  20 */
  21
  22 #include "includes.h"
  23
  24 extern int DEBUGLEVEL;
  25
  26
  27 /****************************************************************************
  28 initialises a password structure
  29 ****************************************************************************/
  30 void pwd_init(struct pwd_info *pwd)
  31 {
  32         bzero(pwd->password  , sizeof(pwd->password  ));
  33         bzero(pwd->smb_lm_pwd, sizeof(pwd->smb_lm_pwd));
  34         bzero(pwd->smb_nt_pwd, sizeof(pwd->smb_nt_pwd));
  35         bzero(pwd->smb_lm_owf, sizeof(pwd->smb_lm_owf));
  36         bzero(pwd->smb_nt_owf, sizeof(pwd->smb_nt_owf));
  37
  38         pwd->null_pwd  = True; /* safest option... */
  39         pwd->cleartext = False;
  40         pwd->crypted   = False;
  41 }
  42
  43 /****************************************************************************
  44 de-obfuscates a password
  45 ****************************************************************************/
  46 static void pwd_deobfuscate(struct pwd_info *pwd)
  47 {
  48 }
  49
  50 /****************************************************************************
  51 obfuscates a password
  52 ****************************************************************************/
  53 static void pwd_obfuscate(struct pwd_info *pwd)
  54 {
  55 }
  56
  57 /****************************************************************************
  58 sets the obfuscation key info
  59 ****************************************************************************/
  60 void pwd_obfuscate_key(struct pwd_info *pwd, uint32 int_key, char *str_key)
  61 {
  62 }
  63
  64 /****************************************************************************
  65 reads a password
  66 ****************************************************************************/
  67 void pwd_read(struct pwd_info *pwd, char *passwd_report, BOOL do_encrypt)
  68 {
  69         /* grab a password */
  70         char *user_pass;
  71
  72         pwd_init(pwd);
  73
  74         user_pass = (char*)getpass(passwd_report);
  75
  76         if (user_pass == NULL || user_pass[0] == 0)
  77         {
  78                 pwd_set_nullpwd(pwd);
  79         }
  80         else if (do_encrypt)
  81         {
  82                 pwd_make_lm_nt_16(pwd, user_pass);
  83         }
  84         else
  85         {
  86                 pwd_set_cleartext(pwd, user_pass);
  87         }
  88 }
  89
  90 /****************************************************************************
  91  stores a cleartext password
  92  ****************************************************************************/
  93 void pwd_set_nullpwd(struct pwd_info *pwd)
  94 {
  95         pwd_init(pwd);
  96
  97         pwd->cleartext = False;
  98         pwd->null_pwd  = True;
  99         pwd->crypted   = False;
 100 }
 101
 102 /****************************************************************************
 103  stores a cleartext password
 104  ****************************************************************************/
 105 void pwd_set_cleartext(struct pwd_info *pwd, char *clr)
 106 {
 107         pwd_init(pwd);
 108         fstrcpy(pwd->password, clr);
 109         pwd->cleartext = True;
 110         pwd->null_pwd  = False;
 111         pwd->crypted   = False;
 112
 113         pwd_obfuscate(pwd);
 114 }
 115
 116 /****************************************************************************
 117  gets a cleartext password
 118  ****************************************************************************/
 119 void pwd_get_cleartext(struct pwd_info *pwd, char *clr)
 120 {
 121         pwd_deobfuscate(pwd);
 122         if (pwd->cleartext)
 123         {
 124                 fstrcpy(clr, pwd->password);
 125         }
 126         else
 127         {
 128                 clr[0] = 0;
 129         }
 130         pwd_obfuscate(pwd);
 131 }
 132
 133 /****************************************************************************
 134  stores lm and nt hashed passwords
 135  ****************************************************************************/
 136 void pwd_set_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
 137 {
 138         pwd_init(pwd);
 139
 140         if (lm_pwd)
 141         {
 142                 memcpy(pwd->smb_lm_pwd, lm_pwd, 16);
 143         }
 144         else
 145         {
 146                 bzero(pwd->smb_lm_pwd, 16);
 147         }
 148
 149         if (nt_pwd)
 150         {
 151                 memcpy(pwd->smb_nt_pwd, nt_pwd, 16);
 152         }
 153         else
 154         {
 155                 bzero(pwd->smb_nt_pwd, 16);
 156         }
 157
 158         pwd->null_pwd  = False;
 159         pwd->cleartext = False;
 160         pwd->crypted   = False;
 161
 162         pwd_obfuscate(pwd);
 163 }
 164
 165 /****************************************************************************
 166  gets lm and nt hashed passwords
 167  ****************************************************************************/
 168 void pwd_get_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
 169 {
 170         pwd_deobfuscate(pwd);
 171         if (lm_pwd != NULL)
 172         {
 173                 memcpy(lm_pwd, pwd->smb_lm_pwd, 16);
 174         }
 175         if (nt_pwd != NULL)
 176         {
 177                 memcpy(nt_pwd, pwd->smb_nt_pwd, 16);
 178         }
 179         pwd_obfuscate(pwd);
 180 }
 181
 182 /****************************************************************************
 183  makes lm and nt hashed passwords
 184  ****************************************************************************/
 185 void pwd_make_lm_nt_16(struct pwd_info *pwd, char *clr)
 186 {
 187         pwd_init(pwd);
 188
 189         nt_lm_owf_gen(clr, pwd->smb_nt_pwd, pwd->smb_lm_pwd);
 190         pwd->null_pwd  = False;
 191         pwd->cleartext = False;
 192         pwd->crypted = False;
 193
 194         pwd_obfuscate(pwd);
 195 }
 196
 197 /****************************************************************************
 198  makes lm and nt OWF crypts
 199  ****************************************************************************/
 200 void pwd_make_lm_nt_owf2(struct pwd_info *pwd, const uchar srv_key[8],
 201                 const char *user, const char *server, const char *domain)
 202 {
 203         uchar kr[16];
 204
 205         DEBUG(10,("pwd_make_lm_nt_owf2: user %s, srv %s, dom %s\n",
 206                 user, server, domain));
 207
 208         pwd_deobfuscate(pwd);
 209
 210         SMBgenclientchals(pwd->lm_cli_chal,
 211                           pwd->nt_cli_chal,
 212                           &pwd->nt_cli_chal_len,
 213                           server, domain);
 214
 215         ntv2_owf_gen(pwd->smb_nt_pwd, user, domain, kr);
 216
 217         /* lm # */
 218         SMBOWFencrypt_ntv2(kr,
 219                            srv_key, 8,
 220                            pwd->lm_cli_chal, 8,
 221                            pwd->smb_lm_owf);
 222         memcpy(&pwd->smb_lm_owf[16], pwd->lm_cli_chal, 8);
 223
 224         /* nt # */
 225         SMBOWFencrypt_ntv2(kr,
 226                        srv_key, 8,
 227                        pwd->nt_cli_chal, pwd->nt_cli_chal_len,
 228                        pwd->smb_nt_owf);
 229         memcpy(&pwd->smb_nt_owf[16], pwd->nt_cli_chal, pwd->nt_cli_chal_len);
 230         pwd->nt_owf_len = pwd->nt_cli_chal_len + 16;
 231
 232 #ifdef DEBUG_PASSWORD
 233         DEBUG(100,("server cryptkey: "));
 234         dump_data(100, srv_key, 8);
 235
 236         DEBUG(100,("client lmv2 cryptkey: "));
 237         dump_data(100, pwd->lm_cli_chal, 8);
 238
 239         DEBUG(100,("client ntv2 cryptkey: "));
 240         dump_data(100, pwd->nt_cli_chal, pwd->nt_cli_chal_len);
 241
 242         DEBUG(100,("ntv2_owf_passwd: "));
 243         dump_data(100, pwd->smb_nt_owf, pwd->nt_owf_len);
 244         DEBUG(100,("nt_sess_pwd: "));
 245         dump_data(100, pwd->smb_nt_pwd, sizeof(pwd->smb_nt_pwd));
 246
 247         DEBUG(100,("lmv2_owf_passwd: "));
 248         dump_data(100, pwd->smb_lm_owf, sizeof(pwd->smb_lm_owf));
 249         DEBUG(100,("lm_sess_pwd: "));
 250         dump_data(100, pwd->smb_lm_pwd, sizeof(pwd->smb_lm_pwd));
 251 #endif
 252         pwd->crypted = True;
 253
 254         pwd_obfuscate(pwd);
 255 }
 256
 257 /****************************************************************************
 258  makes lm and nt OWF crypts
 259  ****************************************************************************/
 260 void pwd_make_lm_nt_owf(struct pwd_info *pwd, uchar cryptkey[8])
 261 {
 262         pwd_deobfuscate(pwd);
 263
 264         SMBOWFencrypt(pwd->smb_lm_pwd, cryptkey, pwd->smb_lm_owf);
 265         SMBOWFencrypt(pwd->smb_nt_pwd, cryptkey, pwd->smb_nt_owf);
 266         pwd->nt_owf_len = 24;
 267
 268 #ifdef DEBUG_PASSWORD
 269         DEBUG(100,("client cryptkey: "));
 270         dump_data(100, cryptkey, 8);
 271
 272         DEBUG(100,("nt_owf_passwd: "));
 273         dump_data(100, pwd->smb_nt_owf, pwd->nt_owf_len);
 274         DEBUG(100,("nt_sess_pwd: "));
 275         dump_data(100, pwd->smb_nt_pwd, sizeof(pwd->smb_nt_pwd));
 276
 277         DEBUG(100,("lm_owf_passwd: "));
 278         dump_data(100, pwd->smb_lm_owf, sizeof(pwd->smb_lm_owf));
 279         DEBUG(100,("lm_sess_pwd: "));
 280         dump_data(100, pwd->smb_lm_pwd, sizeof(pwd->smb_lm_pwd));
 281 #endif
 282
 283         pwd->crypted = True;
 284
 285         pwd_obfuscate(pwd);
 286 }
 287
 288 /****************************************************************************
 289  gets lm and nt crypts
 290  ****************************************************************************/
 291 void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24],
 292                                 uchar *nt_owf, size_t *nt_owf_len)
 293 {
 294         pwd_deobfuscate(pwd);
 295         if (lm_owf != NULL)
 296         {
 297                 memcpy(lm_owf, pwd->smb_lm_owf, 24);
 298         }
 299         if (nt_owf != NULL)
 300         {
 301                 memcpy(nt_owf, pwd->smb_nt_owf, pwd->nt_owf_len);
 302         }
 303         if (nt_owf_len != NULL)
 304         {
 305                 *nt_owf_len = pwd->nt_owf_len;
 306         }
 307         pwd_obfuscate(pwd);
 308 }
 309