set user info 2 - 0x12 sorted out, client and server side. i hope.

3 files changed, 65 insertions, 24 deletions

diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c
index 27a30cd1343..2cf46859268 100644
--- a/source/rpc_parse/parse_samr.c
+++ b/source/rpc_parse/parse_samr.c
@@ -5894,6 +5894,8 @@ BOOL make_samr_q_set_userinfo2(SAMR_Q_SET_USERINFO2 *q_u,
 				uint16 switch_value, 
 				SAM_USERINFO_CTR *ctr)
 {
+	uint8 usr_sess_key[16];
+
 	if (q_u == NULL || hnd == NULL) return False;
 
 	DEBUG(5,("make_samr_q_set_userinfo2\n"));
@@ -5907,6 +5909,25 @@ BOOL make_samr_q_set_userinfo2(SAMR_Q_SET_USERINFO2 *q_u,
 		q_u->ctr->switch_value = switch_value;
 	}
 
+	if (!cli_get_usr_sesskey(hnd, usr_sess_key))
+	{
+		DEBUG(0,("make_samr_set_userinfo: could not obtain session key\n"));
+		return False;
+	}
+
+	switch (switch_value)
+	{
+		case 0x12:
+		{
+			SamOEMhash(ctr->info.id12->lm_pwd, usr_sess_key, 0);
+			SamOEMhash(ctr->info.id12->nt_pwd, usr_sess_key, 0);
+			dump_data_pw("sess_key", usr_sess_key, 16);
+			dump_data_pw("passwd", ctr->info.id12->lm_pwd, 16);
+			dump_data_pw("passwd", ctr->info.id12->nt_pwd, 16);
+			break;
+		}
+	}
+
 	return True;
 }
 
diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c
index 3243981bc55..b9ddd43d5fd 100644
--- a/source/rpcclient/cmd_samr.c
+++ b/source/rpcclient/cmd_samr.c
@@ -2391,6 +2391,10 @@ void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[])
 	uint16 acb_set = 0x0;
 	uint16 acb_clr = 0x0;
 
+	BOOL set_passwd = False;
+
+	fstring password;
+
 	fstrcpy(srv_name, "\\\\");
 	fstrcat(srv_name, info->dest_host);
 	strupper(srv_name);
@@ -2418,10 +2422,17 @@ void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[])
 
 	safe_strcpy(user_name, argv[0], sizeof(user_name));
 
-	while ((opt = getopt(argc, argv,"s:c:")) != EOF)
+	while ((opt = getopt(argc, argv,"s:c:p:")) != EOF)
 	{
 		switch (opt)
 		{
+			case 'p':
+			{
+				set_passwd = True;
+				safe_strcpy(password, optarg,
+					    sizeof(password)-1);
+				break;
+			}
 			case 's':
 			{
 				set_acb_bits = True;
@@ -2455,8 +2466,28 @@ void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[])
 					1, names,
 					&num_rids, &rids, &types) : False;
 
+
+	if (set_passwd && res1 && num_rids == 1)
+	{
+		void *usr = NULL;
+		uint32 switch_value = 0;
+
+		SAM_USER_INFO_12 *p = (SAM_USER_INFO_12 *)malloc(sizeof(SAM_USER_INFO_12));
+		usr = (void*)p;
+		switch_value = 0x12;
+		
+		if (usr != NULL)
+		{
+			nt_lm_owf_gen(password, p->nt_pwd, p->lm_pwd);
+			p->acb_info = 0x101;
+			res1 = set_samr_set_userinfo2( &pol_dom,
+					    switch_value, rids[0], usr);
+		}
+	}
+
 	/* send set user info */
-	if (res1 && num_rids == 1 && get_samr_query_userinfo( &pol_dom,
+	if ((!set_passwd) && res1 && num_rids == 1 &&
+	                  get_samr_query_userinfo( &pol_dom,
 						    0x10, rids[0],
 	                                            &ctr))
 	{
@@ -2504,14 +2535,8 @@ void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[])
 		report(out_hnd, "Set User Info: Failed\n");
 		DEBUG(5,("cmd_sam_query_user: failed\n"));
 	}
-	if (rids != NULL)
-	{
-		free(rids);
-	}
-	if (types != NULL)
-	{
-		free(types);
-	}
+	safe_free(rids);
+	safe_free(types);
 	free_samr_userinfo_ctr(&ctr);
 }
 
@@ -2675,11 +2700,8 @@ void cmd_sam_set_userinfo(struct client_info *info, int argc, char *argv[])
 				usr21->logon_divs,
 				&usr21->logon_hrs,
 				usr21->unknown_5,
-				pwbuf
-#if 0
-				, usr21->unknown_6
-#endif
-				);
+				pwbuf,
+				usr21->unknown_6);
 
 			usr = p;
 			switch_value = 23;
diff --git a/source/samrd/srv_samr_usr_tdb.c b/source/samrd/srv_samr_usr_tdb.c
index 056fd34d3b1..669c8e4b914 100644
--- a/source/samrd/srv_samr_usr_tdb.c
+++ b/source/samrd/srv_samr_usr_tdb.c
@@ -614,8 +614,6 @@ uint32 _samr_set_userinfo(const POLICY_HND *pol, uint16 switch_value,
 		case 0x12:
 		{
 			SAM_USER_INFO_12 *id12 = ctr->info.id12;
-			SamOEMhash(id12->lm_pwd, user_sess_key, 0);
-			SamOEMhash(id12->nt_pwd, user_sess_key, 0);
 			if (!set_user_info_12(tdb_usr, id12))
 			{
 				DEBUG(10,
@@ -707,13 +705,13 @@ uint32 _samr_set_userinfo2(const POLICY_HND *pol, uint16 switch_value,
 		case 0x12:
 		{
 			SAM_USER_INFO_12 *id12 = ctr->info.id12;
-#if 0
-			lm_owf_gen("test", user_sess_key);
-#endif
-			dump_data_pw("user_sess_key:", user_sess_key, 16);
-			SamOEMhash(id12->lm_pwd, user_sess_key, 3);
-			SamOEMhash(id12->nt_pwd, user_sess_key, 3);
-			dump_data_pw("user_sess_key:", id12->nt_pwd, 16);
+			SamOEMhash(id12->lm_pwd, user_sess_key, 0);
+			SamOEMhash(id12->nt_pwd, user_sess_key, 0);
+
+			dump_data_pw("sess_key:\n", user_sess_key, 16);
+			dump_data_pw("lm_pwd:\n", id12->lm_pwd, 16);
+			dump_data_pw("nt_pwd:\n", id12->nt_pwd, 16);
+
 			if (!set_user_info_12(tdb_usr, id12))
 			{
 				DEBUG(10,