2 Unix SMB/Netbios implementation.
4 Password cacheing. obfuscation is planned
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1998
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 /****************************************************************************
25 Initialises a password structure.
26 ****************************************************************************/
28 void pwd_init(struct pwd_info *pwd)
30 memset((char *)pwd->password , '\0', sizeof(pwd->password ));
31 memset((char *)pwd->smb_lm_pwd, '\0', sizeof(pwd->smb_lm_pwd));
32 memset((char *)pwd->smb_nt_pwd, '\0', sizeof(pwd->smb_nt_pwd));
33 memset((char *)pwd->smb_lm_owf, '\0', sizeof(pwd->smb_lm_owf));
34 memset((char *)pwd->smb_nt_owf, '\0', sizeof(pwd->smb_nt_owf));
36 pwd->null_pwd = True; /* safest option... */
37 pwd->cleartext = False;
41 /****************************************************************************
42 Returns NULL password flag.
43 ****************************************************************************/
45 BOOL pwd_is_nullpwd(const struct pwd_info *pwd)
50 /****************************************************************************
51 Compares two passwords. hmm, not as trivial as expected. hmm.
52 ****************************************************************************/
54 BOOL pwd_compare(const struct pwd_info *pwd1, const struct pwd_info *pwd2)
56 if (pwd1->cleartext && pwd2->cleartext) {
57 if (strequal(pwd1->password, pwd2->password))
60 if (pwd1->null_pwd && pwd2->null_pwd)
63 if (!pwd1->null_pwd && !pwd2->null_pwd &&
64 !pwd1->cleartext && !pwd2->cleartext) {
66 DEBUG(100,("pwd compare: nt#\n"));
67 dump_data(100, pwd1->smb_nt_pwd, 16);
68 dump_data(100, pwd2->smb_nt_pwd, 16);
70 if (memcmp(pwd1->smb_nt_pwd, pwd2->smb_nt_pwd, 16) == 0)
73 DEBUG(100,("pwd compare: lm#\n"));
74 dump_data(100, pwd1->smb_lm_pwd, 16);
75 dump_data(100, pwd2->smb_lm_pwd, 16);
77 if (memcmp(pwd1->smb_lm_pwd, pwd2->smb_lm_pwd, 16) == 0)
83 /****************************************************************************
85 ****************************************************************************/
87 void pwd_read(struct pwd_info *pwd, char *passwd_report, BOOL do_encrypt)
94 user_pass = (char*)getpass(passwd_report);
97 * Do not assume that an empty string is a NULL password.
98 * If you do this will break the session key generation for
99 * and account with an emtpy password. If you wish to use
100 * a NULL password, use the -N option to smbclient and rpcclient
104 if (user_pass == NULL || user_pass[0] == 0)
105 pwd_set_nullpwd(pwd);
109 pwd_make_lm_nt_16(pwd, user_pass);
111 pwd_set_cleartext(pwd, user_pass);
114 /****************************************************************************
115 Stores a cleartext password.
116 ****************************************************************************/
118 void pwd_set_nullpwd(struct pwd_info *pwd)
122 pwd->cleartext = False;
123 pwd->null_pwd = True;
124 pwd->crypted = False;
127 /****************************************************************************
128 Stores a cleartext password.
129 ****************************************************************************/
131 void pwd_set_cleartext(struct pwd_info *pwd, char *clr)
134 push_ascii_fstring(pwd->password, clr);
135 pwd->cleartext = True;
136 pwd->null_pwd = False;
137 pwd->crypted = False;
138 pwd_make_lm_nt_16(pwd, clr);
141 /****************************************************************************
142 Gets a cleartext password.
143 ****************************************************************************/
145 void pwd_get_cleartext(struct pwd_info *pwd, char *clr)
148 fstrcpy(clr, pwd->password);
154 /****************************************************************************
155 Stores lm and nt hashed passwords.
156 ****************************************************************************/
158 void pwd_set_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
163 memcpy(pwd->smb_lm_pwd, lm_pwd, 16);
165 memset((char *)pwd->smb_lm_pwd, '\0', 16);
168 memcpy(pwd->smb_nt_pwd, nt_pwd, 16);
170 memset((char *)pwd->smb_nt_pwd, '\0', 16);
172 pwd->null_pwd = False;
173 pwd->cleartext = False;
174 pwd->crypted = False;
177 /****************************************************************************
178 Gets lm and nt hashed passwords.
179 ****************************************************************************/
181 void pwd_get_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
184 memcpy(lm_pwd, pwd->smb_lm_pwd, 16);
186 memcpy(nt_pwd, pwd->smb_nt_pwd, 16);
189 /****************************************************************************
190 Makes lm and nt hashed passwords.
191 ****************************************************************************/
193 void pwd_make_lm_nt_16(struct pwd_info *pwd, char *clr)
199 push_ascii_pstring(dos_passwd, clr);
201 nt_lm_owf_gen(dos_passwd, pwd->smb_nt_pwd, pwd->smb_lm_pwd);
202 pwd->null_pwd = False;
203 pwd->cleartext = False;
204 pwd->crypted = False;
207 /****************************************************************************
208 Makes lm and nt OWF crypts.
209 ****************************************************************************/
211 void pwd_make_lm_nt_owf(struct pwd_info *pwd, uchar cryptkey[8])
214 #ifdef DEBUG_PASSWORD
215 DEBUG(100,("client cryptkey: "));
216 dump_data(100, (char *)cryptkey, 8);
219 SMBOWFencrypt(pwd->smb_nt_pwd, cryptkey, pwd->smb_nt_owf);
221 #ifdef DEBUG_PASSWORD
222 DEBUG(100,("nt_owf_passwd: "));
223 dump_data(100, (char *)pwd->smb_nt_owf, sizeof(pwd->smb_nt_owf));
224 DEBUG(100,("nt_sess_pwd: "));
225 dump_data(100, (char *)pwd->smb_nt_pwd, sizeof(pwd->smb_nt_pwd));
228 SMBOWFencrypt(pwd->smb_lm_pwd, cryptkey, pwd->smb_lm_owf);
230 #ifdef DEBUG_PASSWORD
231 DEBUG(100,("lm_owf_passwd: "));
232 dump_data(100, (char *)pwd->smb_lm_owf, sizeof(pwd->smb_lm_owf));
233 DEBUG(100,("lm_sess_pwd: "));
234 dump_data(100, (char *)pwd->smb_lm_pwd, sizeof(pwd->smb_lm_pwd));
240 /****************************************************************************
241 Gets lm and nt crypts.
242 ****************************************************************************/
244 void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24], uchar nt_owf[24])
247 memcpy(lm_owf, pwd->smb_lm_owf, 24);
249 memcpy(nt_owf, pwd->smb_nt_owf, 24);