source3/libsmb/pwd_cache.c

   1 /*
   2    Unix SMB/Netbios implementation.
   3    Version 1.9.
   4    Password cacheing.  obfuscation is planned
   5    Copyright (C) Luke Kenneth Casson Leighton 1996-1998
   6
   7    This program is free software; you can redistribute it and/or modify
   8    it under the terms of the GNU General Public License as published by
   9    the Free Software Foundation; either version 2 of the License, or
  10    (at your option) any later version.
  11
  12    This program is distributed in the hope that it will be useful,
  13    but WITHOUT ANY WARRANTY; without even the implied warranty of
  14    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15    GNU General Public License for more details.
  16
  17    You should have received a copy of the GNU General Public License
  18    along with this program; if not, write to the Free Software
  19    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  20 */
  21
  22 #include "includes.h"
  23
  24 extern int DEBUGLEVEL;
  25
  26
  27 /****************************************************************************
  28 initialises a password structure
  29 ****************************************************************************/
  30 void pwd_init(struct pwd_info *pwd)
  31 {
  32         memset((char *)pwd->password  , '\0', sizeof(pwd->password  ));
  33         memset((char *)pwd->smb_lm_pwd, '\0', sizeof(pwd->smb_lm_pwd));
  34         memset((char *)pwd->smb_nt_pwd, '\0', sizeof(pwd->smb_nt_pwd));
  35         memset((char *)pwd->smb_lm_owf, '\0', sizeof(pwd->smb_lm_owf));
  36         memset((char *)pwd->smb_nt_owf, '\0', sizeof(pwd->smb_nt_owf));
  37
  38         pwd->null_pwd  = True; /* safest option... */
  39         pwd->cleartext = False;
  40         pwd->crypted   = False;
  41 }
  42
  43 /****************************************************************************
  44 de-obfuscates a password
  45 ****************************************************************************/
  46 static void pwd_deobfuscate(struct pwd_info *pwd)
  47 {
  48 }
  49
  50 /****************************************************************************
  51 obfuscates a password
  52 ****************************************************************************/
  53 static void pwd_obfuscate(struct pwd_info *pwd)
  54 {
  55 }
  56
  57 /****************************************************************************
  58 sets the obfuscation key info
  59 ****************************************************************************/
  60 void pwd_obfuscate_key(struct pwd_info *pwd, uint32 int_key, char *str_key)
  61 {
  62 }
  63
  64 /****************************************************************************
  65 compares two passwords.  hmm, not as trivial as expected.  hmm.
  66 ****************************************************************************/
  67 BOOL pwd_compare(struct pwd_info *pwd1, struct pwd_info *pwd2)
  68 {
  69         pwd_deobfuscate(pwd1);
  70         pwd_deobfuscate(pwd2);
  71         if (pwd1->cleartext && pwd2->cleartext)
  72         {
  73                 if (strequal(pwd1->password, pwd2->password))
  74                 {
  75                         pwd_obfuscate(pwd1);
  76                         pwd_obfuscate(pwd2);
  77                         return True;
  78                 }
  79         }
  80         if (pwd1->null_pwd && pwd2->null_pwd)
  81         {
  82                 pwd_obfuscate(pwd1);
  83                 pwd_obfuscate(pwd2);
  84                 return True;
  85         }
  86
  87         if (!pwd1->null_pwd  && !pwd2->null_pwd &&
  88             !pwd1->cleartext && !pwd2->cleartext)
  89         {
  90 #ifdef DEBUG_PASSWORD
  91                 DEBUG(100,("pwd compare: nt#\n"));
  92                 dump_data(100, pwd1->smb_nt_pwd, 16);
  93                 dump_data(100, pwd2->smb_nt_pwd, 16);
  94 #endif
  95                 if (memcmp(pwd1->smb_nt_pwd, pwd2->smb_nt_pwd, 16) == 0)
  96                 {
  97                         pwd_obfuscate(pwd1);
  98                         pwd_obfuscate(pwd2);
  99                         return True;
 100                 }
 101 #ifdef DEBUG_PASSWORD
 102                 DEBUG(100,("pwd compare: lm#\n"));
 103                 dump_data(100, pwd1->smb_lm_pwd, 16);
 104                 dump_data(100, pwd2->smb_lm_pwd, 16);
 105 #endif
 106                 if (memcmp(pwd1->smb_lm_pwd, pwd2->smb_lm_pwd, 16) == 0)
 107                 {
 108                         pwd_obfuscate(pwd1);
 109                         pwd_obfuscate(pwd2);
 110                         return True;
 111                 }
 112         }
 113         pwd_obfuscate(pwd1);
 114         pwd_obfuscate(pwd2);
 115         return False;
 116 }
 117
 118 /****************************************************************************
 119 reads a password
 120 ****************************************************************************/
 121 void pwd_read(struct pwd_info *pwd, char *passwd_report, BOOL do_encrypt)
 122 {
 123         /* grab a password */
 124         char *user_pass;
 125
 126         pwd_init(pwd);
 127
 128         user_pass = (char*)getpass(passwd_report);
 129
 130         if (user_pass == NULL || user_pass[0] == 0)
 131         {
 132                 pwd_set_nullpwd(pwd);
 133         }
 134         else if (do_encrypt)
 135         {
 136                 pwd_make_lm_nt_16(pwd, user_pass);
 137         }
 138         else
 139         {
 140                 pwd_set_cleartext(pwd, user_pass);
 141         }
 142 }
 143
 144 /****************************************************************************
 145  stores a cleartext password
 146  ****************************************************************************/
 147 void pwd_set_nullpwd(struct pwd_info *pwd)
 148 {
 149         pwd_init(pwd);
 150
 151         pwd->cleartext = False;
 152         pwd->null_pwd  = True;
 153         pwd->crypted   = False;
 154 }
 155
 156 /****************************************************************************
 157  stores a cleartext password
 158  ****************************************************************************/
 159 void pwd_set_cleartext(struct pwd_info *pwd, char *clr)
 160 {
 161         pwd_init(pwd);
 162         fstrcpy(pwd->password, clr);
 163         unix_to_dos(pwd->password,True);
 164         pwd->cleartext = True;
 165         pwd->null_pwd  = False;
 166         pwd->crypted   = False;
 167
 168         pwd_obfuscate(pwd);
 169 }
 170
 171 /****************************************************************************
 172  gets a cleartext password
 173  ****************************************************************************/
 174 void pwd_get_cleartext(struct pwd_info *pwd, char *clr)
 175 {
 176         pwd_deobfuscate(pwd);
 177         if (pwd->cleartext)
 178         {
 179                 fstrcpy(clr, pwd->password);
 180                 dos_to_unix(clr, True);
 181         }
 182         else
 183         {
 184                 clr[0] = 0;
 185         }
 186         pwd_obfuscate(pwd);
 187 }
 188
 189 /****************************************************************************
 190  stores lm and nt hashed passwords
 191  ****************************************************************************/
 192 void pwd_set_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
 193 {
 194         pwd_init(pwd);
 195
 196         if (lm_pwd)
 197         {
 198                 memcpy(pwd->smb_lm_pwd, lm_pwd, 16);
 199         }
 200         else
 201         {
 202                 memset((char *)pwd->smb_lm_pwd, '\0', 16);
 203         }
 204
 205         if (nt_pwd)
 206         {
 207                 memcpy(pwd->smb_nt_pwd, nt_pwd, 16);
 208         }
 209         else
 210         {
 211                 memset((char *)pwd->smb_nt_pwd, '\0', 16);
 212         }
 213
 214         pwd->null_pwd  = False;
 215         pwd->cleartext = False;
 216         pwd->crypted   = False;
 217
 218         pwd_obfuscate(pwd);
 219 }
 220
 221 /****************************************************************************
 222  gets lm and nt hashed passwords
 223  ****************************************************************************/
 224 void pwd_get_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
 225 {
 226         pwd_deobfuscate(pwd);
 227         if (lm_pwd != NULL)
 228         {
 229                 memcpy(lm_pwd, pwd->smb_lm_pwd, 16);
 230         }
 231         if (nt_pwd != NULL)
 232         {
 233                 memcpy(nt_pwd, pwd->smb_nt_pwd, 16);
 234         }
 235         pwd_obfuscate(pwd);
 236 }
 237
 238 /****************************************************************************
 239  makes lm and nt hashed passwords
 240  ****************************************************************************/
 241 void pwd_make_lm_nt_16(struct pwd_info *pwd, char *clr)
 242 {
 243         pstring dos_passwd;
 244
 245         pwd_init(pwd);
 246
 247         pstrcpy(dos_passwd, clr);
 248         unix_to_dos(dos_passwd, True);
 249
 250         nt_lm_owf_gen(dos_passwd, pwd->smb_nt_pwd, pwd->smb_lm_pwd);
 251         pwd->null_pwd  = False;
 252         pwd->cleartext = False;
 253         pwd->crypted = False;
 254
 255         pwd_obfuscate(pwd);
 256 }
 257
 258 /****************************************************************************
 259  makes lm and nt OWF crypts
 260  ****************************************************************************/
 261 void pwd_make_lm_nt_owf(struct pwd_info *pwd, uchar cryptkey[8])
 262 {
 263         pwd_deobfuscate(pwd);
 264
 265 #ifdef DEBUG_PASSWORD
 266         DEBUG(100,("client cryptkey: "));
 267         dump_data(100, (char *)cryptkey, 8);
 268 #endif
 269
 270         SMBOWFencrypt(pwd->smb_nt_pwd, cryptkey, pwd->smb_nt_owf);
 271
 272 #ifdef DEBUG_PASSWORD
 273         DEBUG(100,("nt_owf_passwd: "));
 274         dump_data(100, (char *)pwd->smb_nt_owf, sizeof(pwd->smb_nt_owf));
 275         DEBUG(100,("nt_sess_pwd: "));
 276         dump_data(100, (char *)pwd->smb_nt_pwd, sizeof(pwd->smb_nt_pwd));
 277 #endif
 278
 279         SMBOWFencrypt(pwd->smb_lm_pwd, cryptkey, pwd->smb_lm_owf);
 280
 281 #ifdef DEBUG_PASSWORD
 282         DEBUG(100,("lm_owf_passwd: "));
 283         dump_data(100, (char *)pwd->smb_lm_owf, sizeof(pwd->smb_lm_owf));
 284         DEBUG(100,("lm_sess_pwd: "));
 285         dump_data(100, (char *)pwd->smb_lm_pwd, sizeof(pwd->smb_lm_pwd));
 286 #endif
 287
 288         pwd->crypted = True;
 289
 290         pwd_obfuscate(pwd);
 291 }
 292
 293 /****************************************************************************
 294  gets lm and nt crypts
 295  ****************************************************************************/
 296 void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24], uchar nt_owf[24])
 297 {
 298         pwd_deobfuscate(pwd);
 299         if (lm_owf != NULL)
 300         {
 301                 memcpy(lm_owf, pwd->smb_lm_owf, 24);
 302         }
 303         if (nt_owf != NULL)
 304         {
 305                 memcpy(nt_owf, pwd->smb_nt_owf, 24);
 306         }
 307         pwd_obfuscate(pwd);
 308 }