void NTLMSSPOWFencrypt(uchar passwd[8], uchar *ntlmchalresp, uchar p24[24]);
void SMBNTencrypt(uchar *passwd, uchar *c8, uchar *p24);
BOOL make_oem_passwd_hash(char data[516], const char *passwd, uchar old_pw_hash[16], BOOL unicode);
-BOOL decode_pw_buffer(const char buffer[516], char *new_pwrd,
+BOOL decode_pw_buffer(char buffer[516], char *new_pwrd,
int new_pwrd_size, uint32 *new_pw_len);
/*The following definitions come from libsmb/smberr.c */
BOOL prs_append_data(prs_struct *dst, char *src, uint32 len);
void prs_set_bigendian_data(prs_struct *ps);
BOOL prs_align(prs_struct *ps);
+BOOL prs_align_needed(prs_struct *ps, uint32 needed);
char *prs_mem_get(prs_struct *ps, uint32 extra_size);
void prs_switch_type(prs_struct *ps, BOOL io);
void prs_force_dynamic(prs_struct *ps);
/* Does both the NT and LM owfs of a user's password */
void nt_lm_owf_gen(char *pwd, uchar nt_p16[16], uchar p16[16])
{
- char passwd[130];
+ char passwd[514];
- memset(passwd,'\0',130);
+ memset(passwd,'\0',514);
safe_strcpy( passwd, pwd, sizeof(passwd)-1);
/* Calculate the MD4 hash (NT compatible) of the password */
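Review bot: The new buffer size 514 is repeated as a bare literal in both the declaration and the `memset`, while the `safe_strcpy` on the next line already derives its bound from `sizeof(passwd)-1`; the clear should do the same, `memset(passwd, '\0', sizeof(passwd));`, so the two cannot drift apart again the way 130 had to be patched in two places here. A one-line comment on the declaration saying why 514 (presumably the 512-byte password block plus terminator, to be confirmed against decode_pw_buffer) would make the choice auditable. nt_lm_owf_gen's body continues outside the hunk.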
/***********************************************************
decode a password buffer
************************************************************/
-BOOL decode_pw_buffer(const char buffer[516], char *new_pwrd,
+BOOL decode_pw_buffer(char buffer[516], char *new_pwrd,
int new_pwrd_size, uint32 *new_pw_len)
{
int uni_pw_len=0;
If you reuse that code somewhere else check first.
*/
+ ZERO_STRUCTP(new_pwrd);
/*
* The length of the new password is in the last 4 bytes of
uni_pw_len = *new_pw_len;
*new_pw_len /= 2;
pw = dos_unistrn2((uint16 *)(&buffer[512 - uni_pw_len]), uni_pw_len);
- memcpy(new_pwrd, pw, *new_pw_len + 1);
+ memcpy(new_pwrd, pw, *new_pw_len);
#ifdef DEBUG_PASSWORD
dump_data(100, new_pwrd, (*new_pw_len));
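Review bot: `ZERO_STRUCTP(new_pwrd)` clears only `sizeof(*new_pwrd)`, one byte, because new_pwrd is a `char *`, so the output buffer is not actually zeroed and the `memcpy` below, which no longer copies the terminator, leaves the password unterminated unless the caller cleared the buffer itself; `memset(new_pwrd, 0, new_pwrd_size);` is what was meant. The length (taken from the buffer's last 4 bytes, per the comment) is used as `&buffer[512 - uni_pw_len]` and as the memcpy count without being compared to 512 or to new_pwrd_size, so a malformed client buffer reads outside `buffer` or overruns new_pwrd; a check such as `if (uni_pw_len > 512 || *new_pw_len >= (uint32)new_pwrd_size) return False;` belongs before the dos_unistrn2 call. Dropping `const` from `buffer` is not required by anything visible in the hunk, and the caller later in this change still passes a `(const char *)` cast, which now discards the qualifier. The function continues outside the hunk.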
void copy_sam_passwd(struct sam_passwd *to, const struct sam_passwd *from)
{
static fstring smb_name="";
- static fstring unix_name="";
static fstring full_name="";
static fstring home_dir="";
static fstring dir_drive="";
void init_lsa_trans_name(LSA_TRANS_NAME *trn, UNISTR2 *uni_name,
uint16 sid_name_use, char *name, uint32 idx)
{
- int len_name = strlen(name);
+ int len_name = strlen(name)+1;
if(len_name == 0)
len_name = 1;
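Review bot: With `len_name = strlen(name)+1` the guard `if(len_name == 0) len_name = 1;` can no longer trigger and should be deleted; the same now-dead guard remains after the `len = ... strlen(dom_name)+1 : 0` change in the ref-domain hunk (`if(dom_name != NULL && len == 0) len = 1;`). The `strlen(x)+1` edit is repeated across the lsa, net, samr and rpc_server hunks of this change, roughly thirty sites, with nothing stating that the terminator is now counted on purpose; a single `static int unistr_len(const char *s) { return s ? strlen(s)+1 : 0; }` in the common code, or at least a comment at the first site, would make the intent explicit and let the NULL-guarded and unguarded variants share one form. The enclosing functions start or end outside these hunks.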
if (qos == NULL)
r_q->des_access = desired_access;
- init_unistr2(&r_q->uni_server_name, server_name, strlen(server_name));
+ init_unistr2(&r_q->uni_server_name, server_name, strlen(server_name)+1);
init_lsa_obj_attr(&r_q->attr, attributes, qos);
}
r_e->enum_context = enum_context;
if (status == 0) {
- int len_domain_name = strlen(domain_name);
+ int len_domain_name = strlen(domain_name)+1;
r_e->num_domains = 1;
r_e->ptr_enum_domains = 1;
for (i = 0; i < num_names; i++) {
char* name = names[i];
- int len = strlen(name);
+ int len = strlen(name)+1;
init_uni_hdr(&q_l->hdr_name[i], len);
init_unistr2(&q_l->uni_name[i], name, len);
}
BOOL net_io_r_trust_dom(char *desc, NET_R_TRUST_DOM_LIST *r_t, prs_struct *ps, int depth)
{
- int i;
+ uint32 value;
+
if (r_t == NULL)
return False;
prs_debug(ps, depth, desc, "net_io_r_trust_dom");
depth++;
+ /* temporary code to give a valid response */
+ value=2;
+ if(!prs_uint32("status", ps, depth, &value))
+ return False;
+
+ value=1;
+ if(!prs_uint32("status", ps, depth, &value))
+ return False;
+ value=2;
+ if(!prs_uint32("status", ps, depth, &value))
+ return False;
+
+ value=0;
+ if(!prs_uint32("status", ps, depth, &value))
+ return False;
+
+ value=0;
+ if(!prs_uint32("status", ps, depth, &value))
+ return False;
+
+/* old non working code */
+#if 0
+ int i;
+
for (i = 0; i < MAX_TRUST_DOMS; i++) {
if (r_t->uni_trust_dom_name[i].uni_str_len == 0)
break;
if(!prs_uint32("status", ps, depth, &r_t->status))
return False;
-
+#endif
return True;
}
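Review bot: All five hard-coded `prs_uint32` calls are labelled "status", so the prs_debug trace cannot tell the words apart, and `r_t` is NULL-checked and then never read or written; since the block is declared temporary, each call should carry a distinct label in the file's existing style (`"unknown_1"` … `"unknown_5"`) and the comment should say which reply the constants 2,1,2,0,0 imitate. On the unmarshalling side the same code discards whatever the peer sent into `value`, which is worth stating in the comment if that is intended. The `#if 0` block keeps the old loop, including an `int i;` placed after statements; dropping it or reducing it to a one-line comment would leave the function readable, as history already preserves the old code.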
return True;
}
+/*******************************************************************
+ Align only if required (for the unistr2 string mainly)
+ ********************************************************************/
+
+BOOL prs_align_needed(prs_struct *ps, uint32 needed)
+{
+ if (needed==0)
+ return True;
+ else
+ return prs_align(ps);
+}
+
/*******************************************************************
Ensure we can read/write to a given offset.
********************************************************************/
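Review bot: The parameter name `needed` reads as a byte count, but every caller in this change passes a unistr2 header's `.buffer` pointer flag, so the header comment should say what is really tested: `Align the parse struct only when a unistr2 body follows, i.e. when the header's buffer pointer flag is non-zero; an empty string has no body and must not be aligned.` Renaming the parameter to something like `buffer_ptr` would remove the ambiguity at the call sites. The body can be the single expression `return needed == 0 ? True : prs_align(ps);`.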
void init_unk_info2(SAM_UNK_INFO_2 *u_2, char *domain, char *server)
{
- int len_domain = strlen(domain);
- int len_server = strlen(server);
+ int len_domain = strlen(domain)+1;
+ int len_server = strlen(server)+1;
u_2->unknown_0 = 0x00000000;
u_2->unknown_1 = 0x80000000;
if(r_u == NULL)
return;
- alias_len = alias?strlen(alias):0;
- alias_desc_len = alias_desc?strlen(alias_desc):0;
+ alias_len = alias?strlen(alias)+1:0;
+ alias_desc_len = alias_desc?strlen(alias_desc)+1:0;
DEBUG(5,("init_samr_r_query_aliasinfo\n"));
SMB_ASSERT_ARRAY(r_u->hdr_als_name, num_aliases);
for (i = 0; i < num_aliases; i++) {
- int als_len = als_name[i] != NULL ? strlen(als_name[i]) : 0;
+ int als_len = als_name[i] != NULL ? strlen(als_name[i])+1 : 0;
init_uni_hdr(&r_u->hdr_als_name[i], als_len);
init_unistr2(&r_u->uni_als_name[i], als_name[i], als_len);
r_u->num_als_usrs[i] = num_als_usrs[i];
DEBUG(5,("init_sam_user_info11\n"));
- len_mach_acct = strlen(mach_acct);
+ len_mach_acct = strlen(mach_acct)+1;
memcpy(&usr->expiry,expiry, sizeof(usr->expiry)); /* expiry time or something? */
memset((char *)usr->padding_1, '\0', sizeof(usr->padding_1)); /* 0 - padding 24 bytes */
uint32 unknown_5,
uint32 unknown_6)
{
- int len_user_name = user_name != NULL ? strlen(user_name ) : 0;
- int len_full_name = full_name != NULL ? strlen(full_name ) : 0;
- int len_home_dir = home_dir != NULL ? strlen(home_dir ) : 0;
- int len_dir_drive = dir_drive != NULL ? strlen(dir_drive ) : 0;
- int len_logon_script = logon_script != NULL ? strlen(logon_script) : 0;
- int len_profile_path = profile_path != NULL ? strlen(profile_path) : 0;
- int len_description = description != NULL ? strlen(description ) : 0;
- int len_workstations = workstations != NULL ? strlen(workstations) : 0;
- int len_unknown_str = unknown_str != NULL ? strlen(unknown_str ) : 0;
- int len_munged_dial = munged_dial != NULL ? strlen(munged_dial ) : 0;
+ int len_user_name = user_name != NULL ? strlen(user_name )+1 : 0;
+ int len_full_name = full_name != NULL ? strlen(full_name )+1 : 0;
+ int len_home_dir = home_dir != NULL ? strlen(home_dir )+1 : 0;
+ int len_dir_drive = dir_drive != NULL ? strlen(dir_drive )+1 : 0;
+ int len_logon_script = logon_script != NULL ? strlen(logon_script)+1 : 0;
+ int len_profile_path = profile_path != NULL ? strlen(profile_path)+1 : 0;
+ int len_description = description != NULL ? strlen(description )+1 : 0;
+ int len_workstations = workstations != NULL ? strlen(workstations)+1 : 0;
+ int len_unknown_str = unknown_str != NULL ? strlen(unknown_str )+1 : 0;
+ int len_munged_dial = munged_dial != NULL ? strlen(munged_dial )+1 : 0;
usr->logon_time = *logon_time;
usr->logoff_time = *logoff_time;
********************************************************************/
void init_samr_q_unknown_38(SAMR_Q_UNKNOWN_38 *q_u, char *srv_name)
{
- int len_srv_name = strlen(srv_name);
+ int len_srv_name = strlen(srv_name)+1;
DEBUG(5,("init_q_unknown_38\n"));
char nt_newpass[516], uchar nt_oldhash[16],
char lm_newpass[516], uchar lm_oldhash[16])
{
- int len_dest_host = strlen(dest_host);
- int len_user_name = strlen(user_name);
+ int len_dest_host = strlen(dest_host)+1;
+ int len_user_name = strlen(user_name)+1;
DEBUG(5,("init_samr_q_chgpasswd_user\n"));
if(r_u->status == 0)
for(i=0;i<num_sam_entries;i++) /* only two domains to send */
{
- init_unistr2(&r_u->uni_dom_name[i],domains[i], strlen(domains[i]));
- init_sam_entry(&(r_u->sam[i]), strlen(domains[i]), 0);
+ init_unistr2(&r_u->uni_dom_name[i],domains[i], strlen(domains[i])+1);
+ init_sam_entry(&(r_u->sam[i]), strlen(domains[i])+1, 0);
}
else
{
/* here begins pointed-to data */
+ if(!prs_align_needed(ps, usr->hdr_user_name.buffer))
+ return False;
if(!smb_io_unistr2("uni_user_name", &usr->uni_user_name, usr->hdr_user_name.buffer, ps, depth)) /* username unicode string */
return False;
- if(!prs_align(ps))
+ if(!prs_align_needed(ps, usr->hdr_full_name.buffer))
return False;
if(!smb_io_unistr2("uni_full_name", &usr->uni_full_name, usr->hdr_full_name.buffer, ps, depth)) /* user's full name unicode string */
return False;
- if(!prs_align(ps))
+ if(!prs_align_needed(ps, usr->hdr_home_dir.buffer))
return False;
if(!smb_io_unistr2("uni_home_dir", &usr->uni_home_dir, usr->hdr_home_dir.buffer, ps, depth)) /* home directory unicode string */
return False;
- if(!prs_align(ps))
+ if(!prs_align_needed(ps, usr->hdr_dir_drive.buffer))
return False;
if(!smb_io_unistr2("uni_dir_drive", &usr->uni_dir_drive, usr->hdr_dir_drive.buffer, ps, depth)) /* home directory drive unicode string */
return False;
- if(!prs_align(ps))
+ if(!prs_align_needed(ps, usr->hdr_logon_script.buffer))
return False;
if(!smb_io_unistr2("uni_logon_script", &usr->uni_logon_script, usr->hdr_logon_script.buffer, ps, depth)) /* logon script unicode string */
return False;
- if(!prs_align(ps))
+ if(!prs_align_needed(ps, usr->hdr_profile_path.buffer))
return False;
if(!smb_io_unistr2("uni_profile_path", &usr->uni_profile_path, usr->hdr_profile_path.buffer, ps, depth)) /* profile path unicode string */
return False;
- if(!prs_align(ps))
+ if(!prs_align_needed(ps, usr->hdr_acct_desc.buffer))
return False;
if(!smb_io_unistr2("uni_acct_desc", &usr->uni_acct_desc, usr->hdr_acct_desc.buffer, ps, depth)) /* user desc unicode string */
return False;
- if(!prs_align(ps))
+ if(!prs_align_needed(ps, usr->hdr_workstations.buffer))
return False;
if(!smb_io_unistr2("uni_workstations", &usr->uni_workstations, usr->hdr_workstations.buffer, ps, depth)) /* worksations user can log on from */
return False;
- if(!prs_align(ps))
+ if(!prs_align_needed(ps, usr->hdr_unknown_str.buffer))
return False;
if(!smb_io_unistr2("uni_unknown_str", &usr->uni_unknown_str, usr->hdr_unknown_str.buffer, ps, depth)) /* unknown string */
return False;
- if(!prs_align(ps))
+ if(!prs_align_needed(ps, usr->hdr_munged_dial.buffer))
return False;
if(!smb_io_unistr2("uni_munged_dial", &usr->uni_munged_dial, usr->hdr_munged_dial.buffer, ps, depth)) /* worksations user can log on from */
return False;
- if(!prs_align(ps))
- return False;
/* ok, this is only guess-work (as usual) */
if (usr->unknown_5 != 0x0) {
+ if(!prs_align(ps))
+ return False;
if(!prs_uint32("unknown_6", ps, depth, &usr->unknown_6))
return False;
if(!prs_uint32("padding4", ps, depth, &usr->padding4))
}
if (usr->ptr_logon_hrs) {
+ if(!prs_align(ps))
+ return False;
if(!sam_io_logon_hrs("logon_hrs", &usr->logon_hrs, ps, depth))
return False;
}
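Review bot: Each `prs_align_needed(ps, usr->hdr_X.buffer)` is immediately followed by an `smb_io_unistr2` call that receives the same `usr->hdr_X.buffer` value as its third argument, so the alignment decision is duplicated ten times at the call site; if that argument is the same flag inside smb_io_unistr2, the conditional align can move there (or into a small static wrapper) and the pairs collapse to one call each. The two `prs_align` calls added inside the `unknown_5` and `ptr_logon_hrs` blocks replace the unconditional align that used to precede them, which changes where the stream is aligned when both are zero; a comment saying that no alignment is wanted in that case would record that this is deliberate rather than a side effect. The enclosing function starts and ends outside the hunk.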
static void init_dom_query(DOM_QUERY *d_q, char *dom_name, DOM_SID *dom_sid)
{
- int domlen = (dom_name != NULL) ? strlen(dom_name) : 0;
+ int domlen = (dom_name != NULL) ? strlen(dom_name)+1 : 0;
d_q->uni_dom_max_len = domlen * 2;
d_q->uni_dom_str_len = domlen * 2;
ref->max_entries = MAX_REF_DOMAINS;
ref->num_ref_doms_2 = num+1;
- len = (dom_name != NULL) ? strlen(dom_name) : 0;
+ len = (dom_name != NULL) ? strlen(dom_name)+1 : 0;
if(dom_name != NULL && len == 0)
len = 1;
continue;
}
- user_name_len = strlen(pwd->smb_name);
+ user_name_len = strlen(pwd->smb_name)+1;
init_unistr2(&(pw_buf[(*num_entries)].uni_user_name), pwd->smb_name, user_name_len);
init_uni_hdr(&(pw_buf[(*num_entries)].hdr_user_name), user_name_len);
pw_buf[(*num_entries)].user_rid = pwd->user_rid;
got_grps = True;
num_entries = 1;
ZERO_STRUCTP(&pass[0]);
- init_unistr2(&(pass[0].uni_user_name), dummy_group, strlen(dummy_group));
+ init_unistr2(&(pass[0].uni_user_name), dummy_group, strlen(dummy_group)+1);
pass[0].user_rid = DOMAIN_GROUP_RID_ADMINS;
if (r_e.status == 0 && got_grps)
char *name;
while (num_entries < MAX_SAM_ENTRIES && ((name = builtin_alias_rids[num_entries].name) != NULL))
{
- init_unistr2(&(pass[num_entries].uni_user_name), name, strlen(name));
+ init_unistr2(&(pass[num_entries].uni_user_name), name, strlen(name)+1);
pass[num_entries].user_rid = builtin_alias_rids[num_entries].rid;
num_entries++;
}
continue;
}
- init_unistr2(&(pass[num_entries].uni_user_name), name, strlen(name));
+ init_unistr2(&(pass[num_entries].uni_user_name), name, strlen(name)+1);
pass[num_entries].user_rid = pdb_gid_to_group_rid(grp->gr_gid);
num_entries++;
}
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
- fstrcpy(dom[0],global_myname);
+ fstrcpy(dom[0],global_myworkgroup);
fstrcpy(dom[1],"Builtin");
if(!samr_io_q_enum_domains("", &q_u, data, 0)) {
pdb_init_sam(&new_pwd);
copy_sam_passwd(&new_pwd, pwd);
+ memset(buf, 0, sizeof(buf));
+
if (!decode_pw_buffer((const char *)id24->pass, buf, 256, &len))
return False;
+DEBUG(0,("set_user_info_24:nt_lm_owf_gen\n"));
nt_lm_owf_gen(buf, nt_hash, lm_hash);
new_pwd.smb_passwd = lm_hash;
return False;
memset(buf, 0, sizeof(buf));
+DEBUG(0,("set_user_info_24:mod_sam21pwd_entry\n"));
/* update the SAMBA password */
if(!mod_sam21pwd_entry(&new_pwd, True))
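Review bot: The two added `DEBUG(0,(...))` lines log entry tracing at level 0, whereas the init_ functions in this change use `DEBUG(5,(...))` for the same kind of message; they should be `DEBUG(5,("set_user_info_24:nt_lm_owf_gen\n"));` and `DEBUG(5,("set_user_info_24:mod_sam21pwd_entry\n"));`, as level 0 is emitted unconditionally and these fire on every password change. `decode_pw_buffer((const char *)id24->pass, buf, 256, &len)` now passes a `const char *` to a parameter this change makes non-const, so the cast discards a qualifier; drop the cast here or keep `const` in the prototype. The literal 256 should be `sizeof(buf)` so it tracks buf's declaration, which is outside the hunk.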