fascinating: may be the answer to some of the login problems: byte ordering

in passwords.  AAGH!

3 files changed, 21 insertions, 15 deletions

diff --git a/source/libsmb/smbencrypt.c b/source/libsmb/smbencrypt.c
index 1ac28ef2008..34a8f55cfb1 100644
--- a/source/libsmb/smbencrypt.c
+++ b/source/libsmb/smbencrypt.c
@@ -194,24 +194,21 @@ void lm_owf_gen(const char *pwd, uchar p16[16])
 /* Does both the NT and LM owfs of a user's password */
 void nt_owf_genW(const UNISTR2 * pwd, uchar nt_p16[16])
 {
-	UNISTR2 pwrd;
-
-	ZERO_STRUCT(pwrd);
-	if (pwd != NULL)
+	char buf[512];
+	int i;
+	
+	for (i = 0; i < MIN(pwd->uni_str_len, sizeof(buf)/2); i++)
 	{
-		copy_unistr2(&pwrd, pwd);
+		SIVAL(buf, i*2, pwd->buffer[i]);
 	}
-
 	/* Calculate the MD4 hash (NT compatible) of the password */
-	mdfour(nt_p16, (uchar *) pwrd.buffer, pwrd.uni_str_len * 2);
+	mdfour(nt_p16, buf, pwd->uni_str_len * 2);
+
+	dump_data_pw("nt_owf_genW:", buf, pwd->uni_str_len * 2);
+	dump_data_pw("nt#:", nt_p16, 16);
 
-#ifdef DEBUG_PASSWORD
-	DEBUG(100, ("nt_owf_genW: pwd, nt#\n"));
-	dump_data(120, (const char *)pwrd.buffer, pwrd.uni_str_len * 2);
-	dump_data(100, nt_p16, 16);
-#endif
 	/* clear out local copy of user's password (just being paranoid). */
-	ZERO_STRUCT(pwrd);
+	ZERO_STRUCT(buf);
 }
 
 /* Does both the NT and LM owfs of a user's password */
diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c
index cb010396e9e..3243981bc55 100644
--- a/source/rpcclient/cmd_samr.c
+++ b/source/rpcclient/cmd_samr.c
@@ -962,6 +962,7 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[])
 	BOOL join_domain = False;
 	int opt;
 	char *password = NULL;
+	pstring upwb;
 	int plen = 0;
 	int len = 0;
 	UNISTR2 upw;
@@ -1031,7 +1032,8 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[])
 				fstring pwd;
 				safe_strcpy(pwd, optarg, sizeof(pwd)-1);
 				make_unistr2(&upw, pwd, strlen(pwd));
-				password = (char*)upw.buffer;
+				ascii_to_unibuf(upwb, pwd, strlen(pwd)*2);
+				password = upwb;
 				plen = upw.uni_str_len * 2;
 				memset(pwd, 0, sizeof(pwd));
 				break;
diff --git a/source/samrd/srv_samr_usr_tdb.c b/source/samrd/srv_samr_usr_tdb.c
index 81533b938b3..9cee6fe51ad 100644
--- a/source/samrd/srv_samr_usr_tdb.c
+++ b/source/samrd/srv_samr_usr_tdb.c
@@ -462,9 +462,11 @@ static BOOL set_user_info_24(TDB_CONTEXT * usr_tdb,
 	static uchar nt_hash[16];
 	static uchar lm_hash[16];
 	UNISTR2 new_pw;
+	char buf[512];
 	uint32 len;
+	uint32 i;
 
-	if (!decode_pw_buffer(id24->pass, (char *)new_pw.buffer, 256, &len))
+	if (!decode_pw_buffer(id24->pass, buf, 256, &len))
 	{
 		return False;
 	}
@@ -472,6 +474,11 @@ static BOOL set_user_info_24(TDB_CONTEXT * usr_tdb,
 	new_pw.uni_max_len = len / 2;
 	new_pw.uni_str_len = len / 2;
 
+	for (i = 0; i < new_pw.uni_str_len; i++)
+	{
+		new_pw.buffer[i] = SVAL(buf, i*2);
+	}
+
 	nt_lm_owf_genW(&new_pw, nt_hash, lm_hash);
 
 	return tdb_set_userinfo_pwds(usr_tdb, lm_hash, nt_hash);