Author: ekohl Date: Sun Jul 7 20:27:38 2013 New Revision: 59449 URL: http://svn.reactos.org/svn/reactos?rev=59449&view=rev Log: [SAMSRV] SamrChangePasswordUser: Check the old password before storing the new one. Modified: trunk/reactos/dll/win32/samsrv/samrpc.c Modified: trunk/reactos/dll/win32/samsrv/samrpc.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/samsrv/samrpc.c?… ============================================================================== --- trunk/reactos/dll/win32/samsrv/samrpc.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/samsrv/samrpc.c [iso-8859-1] Sun Jul 7 20:27:38 2013 @@ -7471,12 +7471,18 @@ { ENCRYPTED_LM_OWF_PASSWORD StoredLmPassword; ENCRYPTED_NT_OWF_PASSWORD StoredNtPassword; + PENCRYPTED_LM_OWF_PASSWORD OldLmPassword; + PENCRYPTED_LM_OWF_PASSWORD NewLmPassword; + PENCRYPTED_NT_OWF_PASSWORD OldNtPassword; + PENCRYPTED_NT_OWF_PASSWORD NewNtPassword; PSAM_DB_OBJECT UserObject; ULONG Length; NTSTATUS Status; - TRACE("(%p %u %u)\n", - UserHandle, LmPresent, NtPresent); + TRACE("(%p %u %p %p %u %p %p %u %p %u %p)\n", + UserHandle, LmPresent, OldLmEncryptedWithNewLm, NewLmEncryptedWithOldLm, + NtPresent, OldNtEncryptedWithNewNt, NewNtEncryptedWithOldNt, NtCrossEncryptionPresent, + NewNtEncryptedWithNewLm, LmCrossEncryptionPresent, NewLmEncryptedWithNewNt); /* Validate the user handle */ Status = SampValidateDbObject(UserHandle, @@ -7513,36 +7519,94 @@ } - /* FIXME: Check if the old passwords match the stored ones */ - + /* FIXME: Decrypt passwords */ + OldLmPassword = OldLmEncryptedWithNewLm; + NewLmPassword = NewLmEncryptedWithOldLm; + OldNtPassword = OldNtEncryptedWithNewNt; + NewNtPassword = NewNtEncryptedWithOldNt; + + /* Check if the old passwords match the stored ones */ + if (NtPresent) + { + if (LmPresent) + { + if (!RtlEqualMemory(&StoredLmPassword, + OldLmPassword, + sizeof(ENCRYPTED_LM_OWF_PASSWORD))) + { + TRACE("Old LM Password does not match!\n"); + Status = STATUS_WRONG_PASSWORD; + } + else + { + if (!RtlEqualMemory(&StoredNtPassword, + OldNtPassword, + sizeof(ENCRYPTED_LM_OWF_PASSWORD))) + { + TRACE("Old NT Password does not match!\n"); + Status = STATUS_WRONG_PASSWORD; + } + } + } + else + { + if (!RtlEqualMemory(&StoredNtPassword, + OldNtPassword, + sizeof(ENCRYPTED_LM_OWF_PASSWORD))) + { + TRACE("Old NT Password does not match!\n"); + Status = STATUS_WRONG_PASSWORD; + } + } + } + else + { + if (LmPresent) + { + if (!RtlEqualMemory(&StoredLmPassword, + OldLmPassword, + sizeof(ENCRYPTED_LM_OWF_PASSWORD))) + { + TRACE("Old LM Password does not match!\n"); + Status = STATUS_WRONG_PASSWORD; + } + } + else + { + Status = STATUS_INVALID_PARAMETER; + } + } /* Store the new LM password */ - if (LmPresent) - { - Length = sizeof(ENCRYPTED_LM_OWF_PASSWORD); - Status = SampSetObjectAttribute(UserObject, - L"LMPwd", - REG_BINARY, - NewLmEncryptedWithOldLm, - Length); - if (!NT_SUCCESS(Status)) - { - goto done; - } - } - - /* Store the new NT password */ - if (NtPresent) - { - Length = sizeof(ENCRYPTED_NT_OWF_PASSWORD); - Status = SampSetObjectAttribute(UserObject, - L"NTPwd", - REG_BINARY, - NewNtEncryptedWithOldNt, - Length); - if (!NT_SUCCESS(Status)) - { - goto done; + if (NT_SUCCESS(Status)) + { + if (LmPresent) + { + Length = sizeof(ENCRYPTED_LM_OWF_PASSWORD); + Status = SampSetObjectAttribute(UserObject, + L"LMPwd", + REG_BINARY, + NewLmPassword, + Length); + if (!NT_SUCCESS(Status)) + { + goto done; + } + } + + /* Store the new NT password */ + if (NtPresent) + { + Length = sizeof(ENCRYPTED_NT_OWF_PASSWORD); + Status = SampSetObjectAttribute(UserObject, + L"NTPwd", + REG_BINARY, + NewNtPassword, + Length); + if (!NT_SUCCESS(Status)) + { + goto done; + } } }