[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1494-gc400fc1

Günther Deschner gd at samba.org
Thu May 7 22:44:14 GMT 2009


The branch, master has been updated
       via  c400fc1e1e9a0c3db82c9a96e9684c8debfb3b74 (commit)
       via  b9fa8285f77a8748b815f6ca6eaaf77767223bff (commit)
      from  41cb06fba7126c79fe536321f2dc461e87e83076 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit c400fc1e1e9a0c3db82c9a96e9684c8debfb3b74
Author: Günther Deschner <gd at samba.org>
Date:   Thu May 7 23:54:58 2009 +0200

    s3-samr: disable check for ACB_DISABLED in check_oem_password().
    
    It is a bad idea to just tell everyone that an account is disabled without
    really having checked the password first.
    
    Found by torture test.
    
    Guenther

commit b9fa8285f77a8748b815f6ca6eaaf77767223bff
Author: Günther Deschner <gd at samba.org>
Date:   Thu May 7 23:22:26 2009 +0200

    s3-samr: rework check_oem_password() to take a struct samu, not to return one.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/chgpasswd.c |   71 ++++++++++++++++++++--------------------------
 1 files changed, 31 insertions(+), 40 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/chgpasswd.c b/source3/smbd/chgpasswd.c
index 72f06fb..dd1864e 100644
--- a/source3/smbd/chgpasswd.c
+++ b/source3/smbd/chgpasswd.c
@@ -53,7 +53,7 @@ static NTSTATUS check_oem_password(const char *user,
 				   const uchar old_lm_hash_encrypted[16],
 				   uchar password_encrypted_with_nt_hash[516],
 				   const uchar old_nt_hash_encrypted[16],
-				   struct samu **hnd,
+				   struct samu *sampass,
 				   char **pp_new_passwd);
 
 #if ALLOW_CHANGE_PASSWORD
@@ -782,15 +782,33 @@ NTSTATUS pass_oem_change(char *user,
 {
 	char *new_passwd = NULL;
 	struct samu *sampass = NULL;
-	NTSTATUS nt_status = check_oem_password(user,
-						password_encrypted_with_lm_hash,
-						old_lm_hash_encrypted,
-						password_encrypted_with_nt_hash,
-						old_nt_hash_encrypted,
-						&sampass,
-						&new_passwd);
+	NTSTATUS nt_status;
+	bool ret = false;
+
+	if (!(sampass = samu_new(NULL))) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	become_root();
+	ret = pdb_getsampwnam(sampass, user);
+	unbecome_root();
+
+	if (ret == false) {
+		DEBUG(0,("pass_oem_change: getsmbpwnam returned NULL\n"));
+		TALLOC_FREE(sampass);
+		return NT_STATUS_NO_SUCH_USER;
+	}
+
+	nt_status = check_oem_password(user,
+				       password_encrypted_with_lm_hash,
+				       old_lm_hash_encrypted,
+				       password_encrypted_with_nt_hash,
+				       old_nt_hash_encrypted,
+				       sampass,
+				       &new_passwd);
 
 	if (!NT_STATUS_IS_OK(nt_status)) {
+		TALLOC_FREE(sampass);
 		return nt_status;
 	}
 
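Review bot: The early `return NT_STATUS_NO_SUCH_USER` after `pdb_getsampwnam()` fails answers before any password material is checked, so a caller can tell an unknown account from a wrong old password; this is the same kind of pre-verification disclosure that c400fc1 removes for `ACB_DISABLED`. Unless the callers of pass_oem_change (not visible here) already collapse the two statuses, consider returning `NT_STATUS_WRONG_PASSWORD` on this path as well. The `DEBUG(0, ...)` text says `getsmbpwnam returned NULL` although the call is `pdb_getsampwnam()` returning false, and it omits the user name; level 0 also looks high for a condition a client can presumably trigger with any name, so something like `DEBUG(3,("pass_oem_change: pdb_getsampwnam failed for user %s\n", user));` would be more accurate. The function continues past the hunk, so the release of `sampass` on the success path cannot be checked from here.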
@@ -823,12 +841,11 @@ static NTSTATUS check_oem_password(const char *user,
 				   const uchar old_lm_hash_encrypted[16],
 				   uchar password_encrypted_with_nt_hash[516],
 				   const uchar old_nt_hash_encrypted[16],
-				   struct samu **hnd,
+				   struct samu *sampass,
 				   char **pp_new_passwd)
 {
 	uchar null_pw[16];
 	uchar null_ntpw[16];
-	struct samu *sampass = NULL;
 	uint8 *password_encrypted;
 	const uint8 *encryption_key;
 	const uint8 *lanman_pw, *nt_pw;
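Review bot: The new `struct samu *sampass` parameter changes the ownership contract of check_oem_password() but nothing documents it. The function used to allocate the entry and hand it back through `hnd`; it now expects an already populated entry and, with every `TALLOC_FREE(sampass)` removed in the later hunks, never frees it. A short comment above the definition would keep future callers from leaking or double-freeing, for example `/* sampass must be a looked-up struct samu owned by the caller; it is neither allocated nor freed here. */`. The body starts inside this hunk and continues well beyond it.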
@@ -838,35 +855,20 @@ static NTSTATUS check_oem_password(const char *user,
 	uchar new_lm_hash[16];
 	uchar verifier[16];
 	char no_pw[2];
-	bool ret;
 
 	bool nt_pass_set = (password_encrypted_with_nt_hash && old_nt_hash_encrypted);
 	bool lm_pass_set = (password_encrypted_with_lm_hash && old_lm_hash_encrypted);
 
-	*hnd = NULL;
-
-	if ( !(sampass = samu_new( NULL )) ) {
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	become_root();
-	ret = pdb_getsampwnam(sampass, user);
-	unbecome_root();
-
-	if (ret == False) {
-		DEBUG(0, ("check_oem_password: getsmbpwnam returned NULL\n"));
-		TALLOC_FREE(sampass);
-		return NT_STATUS_NO_SUCH_USER;
-	}
-
 	acct_ctrl = pdb_get_acct_ctrl(sampass);
+#if 0
+	/* I am convinced this check here is wrong, it is valid to
+	 * change a password of a user that has a disabled account - gd */
 
 	if (acct_ctrl & ACB_DISABLED) {
 		DEBUG(2,("check_lanman_password: account %s disabled.\n", user));
-		TALLOC_FREE(sampass);
 		return NT_STATUS_ACCOUNT_DISABLED;
 	}
-
+#endif
 	if ((acct_ctrl & ACB_PWNOTREQ) && lp_null_passwords()) {
 		/* construct a null password (in case one is needed */
 		no_pw[0] = 0;
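Review bot: Wrapping the `ACB_DISABLED` test in `#if 0` leaves dead code behind, and the two stated reasons disagree: the commit message objects to reporting the disabled state before the password is verified, while the in-code comment says changing a disabled account's password is valid. If the second is the intended policy, delete the block and keep a one-line comment such as `/* Disabled accounts may still change their password; do not reject on ACB_DISABLED. */`. If only the ordering was wrong, the check belongs after the verifier `memcmp` succeeds, i.e. `if (acct_ctrl & ACB_DISABLED) return NT_STATUS_ACCOUNT_DISABLED;` before each `return NT_STATUS_OK` further down, outside this hunk. The disabled `DEBUG` text also names `check_lanman_password` rather than `check_oem_password`.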
@@ -898,7 +900,6 @@ static NTSTATUS check_oem_password(const char *user,
 	} else if (nt_pass_set) {
 		DEBUG(1, ("NT password change supplied for user %s, but we have no NT password to check it with\n", 
 			  user));
-		TALLOC_FREE(sampass);
 		return NT_STATUS_WRONG_PASSWORD;
 	} else if (lm_pass_set) {
 		if (lp_lanman_auth()) {
@@ -908,12 +909,10 @@ static NTSTATUS check_oem_password(const char *user,
 			DEBUG(1, ("LM password change supplied for user %s, but we have disabled LanMan authentication\n", 
 				  user));
 		}
-		TALLOC_FREE(sampass);
 		return NT_STATUS_WRONG_PASSWORD;
 	} else {
 		DEBUG(1, ("password change requested for user %s, but no password supplied!\n", 
 			  user));
-		TALLOC_FREE(sampass);
 		return NT_STATUS_WRONG_PASSWORD;
 	}
 
@@ -927,7 +926,6 @@ static NTSTATUS check_oem_password(const char *user,
 				pp_new_passwd,
 				&new_pw_len,
 				nt_pass_set ? CH_UTF16 : CH_DOS)) {
-		TALLOC_FREE(sampass);
 		return NT_STATUS_WRONG_PASSWORD;
 	}
 
@@ -950,7 +948,6 @@ static NTSTATUS check_oem_password(const char *user,
 			E_old_pw_hash(new_nt_hash, nt_pw, verifier);
 			if (memcmp(verifier, old_nt_hash_encrypted, 16)) {
 				DEBUG(0,("check_oem_password: old lm password doesn't match.\n"));
-				TALLOC_FREE(sampass);
 				return NT_STATUS_WRONG_PASSWORD;
 			}
 
@@ -967,7 +964,6 @@ static NTSTATUS check_oem_password(const char *user,
 			DEBUG(100,
 			      ("check_oem_password: password %s ok\n", *pp_new_passwd));
 #endif
-			*hnd = sampass;
 			return NT_STATUS_OK;
 		}
 
@@ -978,14 +974,12 @@ static NTSTATUS check_oem_password(const char *user,
 			E_old_pw_hash(new_nt_hash, lanman_pw, verifier);
 			if (memcmp(verifier, old_lm_hash_encrypted, 16)) {
 				DEBUG(0,("check_oem_password: old lm password doesn't match.\n"));
-				TALLOC_FREE(sampass);
 				return NT_STATUS_WRONG_PASSWORD;
 			}
 #ifdef DEBUG_PASSWORD
 			DEBUG(100,
 			      ("check_oem_password: password %s ok\n", *pp_new_passwd));
 #endif
-			*hnd = sampass;
 			return NT_STATUS_OK;
 		}
 	}
@@ -1000,7 +994,6 @@ static NTSTATUS check_oem_password(const char *user,
 		E_old_pw_hash(new_lm_hash, lanman_pw, verifier);
 		if (memcmp(verifier, old_lm_hash_encrypted, 16)) {
 			DEBUG(0,("check_oem_password: old lm password doesn't match.\n"));
-			TALLOC_FREE(sampass);
 			return NT_STATUS_WRONG_PASSWORD;
 		}
 
@@ -1008,12 +1001,10 @@ static NTSTATUS check_oem_password(const char *user,
 		DEBUG(100,
 		      ("check_oem_password: password %s ok\n", *pp_new_passwd));
 #endif
-		*hnd = sampass;
 		return NT_STATUS_OK;
 	}
 
 	/* should not be reached */
-	TALLOC_FREE(sampass);
 	return NT_STATUS_WRONG_PASSWORD;
 }
 


-- 
Samba Shared Repository

