summaryrefslogtreecommitdiff
path: root/source4/kdc
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2008-10-16 12:48:16 +1100
committerAndrew Bartlett <abartlet@samba.org>2008-10-16 12:48:16 +1100
commit7c88ea8aadfc2be0726cbe555543cfab8804c470 (patch)
tree56f84c94f69e06880c6ad416117f0a1d7e7f5882 /source4/kdc
parentfc54ca014b21b655b643697475c6a0c05e773fc4 (diff)
downloadsamba-7c88ea8aadfc2be0726cbe555543cfab8804c470.tar.gz
Create a 'straight paper path' for UTF16 passwords.
This uses a virtual attribute 'clearTextPassword' (name chosen to match references in MS-SAMR) that contains the length-limited blob containing an allegidly UTF16 password. This ensures we do no validation or filtering of the password before we get a chance to MD4 it. We can then do the required munging into UTF8, and in future implement the rules Microsoft has provided us with for invalid inputs. All layers in the process now deal with the strings as length-limited inputs, incluing the krb5 string2key calls. This commit also includes a small change to samdb_result_passwords() to ensure that LM passwords are not returned to the application logic if LM authentication is disabled. The objectClass module has been modified to allow the clearTextPassword attribute to pass down the stack. Andrew Bartlett
Diffstat (limited to 'source4/kdc')
-rw-r--r--source4/kdc/kpasswdd.c37
1 files changed, 26 insertions, 11 deletions
diff --git a/source4/kdc/kpasswdd.c b/source4/kdc/kpasswdd.c
index d662844c4eb..1336b0157ec 100644
--- a/source4/kdc/kpasswdd.c
+++ b/source4/kdc/kpasswdd.c
@@ -175,7 +175,7 @@ static bool kpasswd_make_pwchange_reply(struct kdc_server *kdc,
static bool kpasswdd_change_password(struct kdc_server *kdc,
TALLOC_CTX *mem_ctx,
struct auth_session_info *session_info,
- const char *password,
+ const DATA_BLOB *password,
DATA_BLOB *reply)
{
NTSTATUS status;
@@ -219,6 +219,8 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
DATA_BLOB *reply)
{
struct auth_session_info *session_info;
+ ssize_t pw_len;
+
if (!NT_STATUS_IS_OK(gensec_session_info(gensec_security,
&session_info))) {
return kpasswdd_make_error_reply(kdc, mem_ctx,
@@ -230,12 +232,20 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
switch (version) {
case KRB5_KPASSWD_VERS_CHANGEPW:
{
- char *password = talloc_strndup(mem_ctx, (const char *)input->data, input->length);
- if (!password) {
+ DATA_BLOB password;
+ pw_len = convert_string_talloc(mem_ctx, lp_iconv_convenience(kdc->task->lp_ctx),
+ CH_UTF8, CH_UTF16,
+ (const char *)input->data,
+ input->length,
+ (void **)&password.data);
+
+ if (pw_len == -1) {
return false;
}
+ password.length = pw_len;
+
return kpasswdd_change_password(kdc, mem_ctx, session_info,
- password, reply);
+ &password, reply);
break;
}
case KRB5_KPASSWD_VERS_SETPW:
@@ -248,7 +258,7 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
krb5_context context = kdc->smb_krb5_context->krb5_context;
ChangePasswdDataMS chpw;
- char *password;
+ DATA_BLOB password;
krb5_principal principal;
char *set_password_on_princ;
@@ -271,13 +281,18 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
reply);
}
- password = talloc_strndup(mem_ctx,
- (const char *)chpw.newpasswd.data,
- chpw.newpasswd.length);
- if (!password) {
+ pw_len = convert_string_talloc(mem_ctx, lp_iconv_convenience(kdc->task->lp_ctx),
+ CH_UTF8, CH_UTF16,
+ (const char *)chpw.newpasswd.data,
+ chpw.newpasswd.length,
+ (void **)&password.data);
+ if (pw_len == -1) {
free_ChangePasswdDataMS(&chpw);
return false;
}
+
+ password.length = pw_len;
+
if ((chpw.targname && !chpw.targrealm)
|| (!chpw.targname && chpw.targrealm)) {
return kpasswdd_make_error_reply(kdc, mem_ctx,
@@ -306,7 +321,7 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
} else {
free_ChangePasswdDataMS(&chpw);
return kpasswdd_change_password(kdc, mem_ctx, session_info,
- password, reply);
+ &password, reply);
}
free_ChangePasswdDataMS(&chpw);
@@ -371,7 +386,7 @@ static bool kpasswd_process_request(struct kdc_server *kdc,
/* Admin password set */
status = samdb_set_password(samdb, mem_ctx,
set_password_on_dn, NULL,
- msg, password, NULL, NULL,
+ msg, &password, NULL, NULL,
false, /* this is not a user password change */
&reject_reason, &dominfo);
}