Changeset 745 for trunk/server/source3/auth/pass_check.c
- Timestamp:
- Nov 27, 2012, 4:43:17 PM (13 years ago)
- Location:
- trunk/server
- Files:
-
- 2 edited
-
. (modified) (1 prop)
-
source3/auth/pass_check.c (modified) (18 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/server
- Property svn:mergeinfo changed
/vendor/current merged: 581,587,591,594,597,600,615,618,740
- Property svn:mergeinfo changed
-
trunk/server/source3/auth/pass_check.c
r414 r745 1 /* 1 /* 2 2 Unix SMB/CIFS implementation. 3 3 Password checking 4 4 Copyright (C) Andrew Tridgell 1992-1998 5 5 6 6 This program is free software; you can redistribute it and/or modify 7 7 it under the terms of the GNU General Public License as published by 8 8 the Free Software Foundation; either version 3 of the License, or 9 9 (at your option) any later version. 10 10 11 11 This program is distributed in the hope that it will be useful, 12 12 but WITHOUT ANY WARRANTY; without even the implied warranty of 13 13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 14 GNU General Public License for more details. 15 15 16 16 You should have received a copy of the GNU General Public License 17 17 along with this program. If not, see <http://www.gnu.org/licenses/>. … … 22 22 23 23 #include "includes.h" 24 #include "system/passwd.h" 25 #include "auth.h" 24 26 25 27 #undef DBGC_CLASS 26 28 #define DBGC_CLASS DBGC_AUTH 29 30 /* what is the longest significant password available on your system? 31 Knowing this speeds up password searches a lot */ 32 #ifndef PASSWORD_LENGTH 33 #define PASSWORD_LENGTH 8 34 #endif 27 35 28 36 /* these are kept here to keep the string_combinations function simple */ … … 493 501 it assumes the string starts lowercased 494 502 ****************************************************************************/ 495 static NTSTATUS string_combinations2(char *s, int offset, NTSTATUS (*fn) (const char *), 496 int N) 503 static NTSTATUS string_combinations2(char *s, int offset, 504 NTSTATUS (*fn)(const char *s, 505 void *private_data), 506 int N, void *private_data) 497 507 { 498 508 int len = strlen(s); … … 505 515 506 516 if (N <= 0 || offset >= len) 507 return (fn(s ));517 return (fn(s, private_data)); 508 518 509 519 for (i = offset; i < (len - (N - 1)); i++) { 510 520 char c = s[i]; 511 if (!islower_ ascii(c))521 if (!islower_m(c)) 512 522 continue; 513 s[i] = toupper_ascii(c); 514 if (!NT_STATUS_EQUAL(nt_status = string_combinations2(s, i + 1, fn, N - 1),NT_STATUS_WRONG_PASSWORD)) { 515 return (nt_status); 523 s[i] = toupper_m(c); 524 nt_status = string_combinations2(s, i + 1, fn, N - 1, 525 private_data); 526 if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD)) { 527 return nt_status; 516 528 } 517 529 s[i] = c; … … 527 539 it assumes the string starts lowercased 528 540 ****************************************************************************/ 529 static NTSTATUS string_combinations(char *s, NTSTATUS (*fn) (const char *), int N) 541 static NTSTATUS string_combinations(char *s, 542 NTSTATUS (*fn)(const char *s, 543 void *private_data), 544 int N, void *private_data) 530 545 { 531 546 int n; 532 547 NTSTATUS nt_status; 533 for (n = 1; n <= N; n++) 534 if (!NT_STATUS_EQUAL(nt_status = string_combinations2(s, 0, fn, n), NT_STATUS_WRONG_PASSWORD)) 548 for (n = 1; n <= N; n++) { 549 nt_status = string_combinations2(s, 0, fn, n, private_data); 550 if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD)) { 535 551 return nt_status; 552 } 553 } 536 554 return NT_STATUS_WRONG_PASSWORD; 537 555 } … … 541 559 core of password checking routine 542 560 ****************************************************************************/ 543 static NTSTATUS password_check(const char *password )561 static NTSTATUS password_check(const char *password, void *private_data) 544 562 { 545 563 #ifdef WITH_PAM 546 return smb_pam_passcheck(get_this_user(), password); 564 const char *rhost = (const char *)private_data; 565 return smb_pam_passcheck(get_this_user(), rhost, password); 547 566 #else 548 567 … … 560 579 561 580 #ifdef OSF1_ENH_SEC 562 581 563 582 ret = (strcmp(osf1_bigcrypt(password, get_this_salt()), 564 583 get_this_crypted()) == 0); … … 573 592 return NT_STATUS_WRONG_PASSWORD; 574 593 } 575 594 576 595 #endif /* OSF1_ENH_SEC */ 577 596 578 597 #ifdef ULTRIX_AUTH 579 598 ret = (strcmp((char *)crypt16(password, get_this_salt()), get_this_crypted()) == 0); … … 583 602 return NT_STATUS_WRONG_PASSWORD; 584 603 } 585 604 586 605 #endif /* ULTRIX_AUTH */ 587 606 588 607 #ifdef LINUX_BIGCRYPT 589 608 ret = (linux_bigcrypt(password, get_this_salt(), get_this_crypted())); … … 594 613 } 595 614 #endif /* LINUX_BIGCRYPT */ 596 615 597 616 #if defined(HAVE_BIGCRYPT) && defined(HAVE_CRYPT) && defined(USE_BOTH_CRYPT_CALLS) 598 617 599 618 /* 600 619 * Some systems have bigcrypt in the C library but might not … … 614 633 } 615 634 #else /* HAVE_BIGCRYPT && HAVE_CRYPT && USE_BOTH_CRYPT_CALLS */ 616 635 617 636 #ifdef HAVE_BIGCRYPT 618 637 ret = (strcmp(bigcrypt(password, get_this_salt()), get_this_crypted()) == 0); … … 623 642 } 624 643 #endif /* HAVE_BIGCRYPT */ 625 644 626 645 #ifndef HAVE_CRYPT 627 646 DEBUG(1, ("Warning - no crypt available\n")); … … 648 667 ****************************************************************************/ 649 668 650 NTSTATUS pass_check(const struct passwd *pass, const char *user, const char *password, 651 int pwlen, bool (*fn) (const char *, const char *), bool run_cracker) 669 NTSTATUS pass_check(const struct passwd *pass, 670 const char *user, 671 const char *rhost, 672 const char *password, 673 bool run_cracker) 652 674 { 653 675 char *pass2 = NULL; … … 663 685 return NT_STATUS_LOGON_FAILURE; 664 686 665 if (( (!*password) || (!pwlen)) && !lp_null_passwords())687 if ((!*password) && !lp_null_passwords()) 666 688 return NT_STATUS_LOGON_FAILURE; 667 689 … … 677 699 } 678 700 679 DEBUG(4, ("pass_check: Checking (PAM) password for user %s (l=%d)\n", user, pwlen));701 DEBUG(4, ("pass_check: Checking (PAM) password for user %s\n", user)); 680 702 681 703 #else /* Not using PAM */ 682 704 683 DEBUG(4, ("pass_check: Checking password for user %s (l=%d)\n", user, pwlen));705 DEBUG(4, ("pass_check: Checking password for user %s\n", user)); 684 706 685 707 if (!pass) { … … 819 841 820 842 /* try it as it came to us */ 821 nt_status = password_check(password );843 nt_status = password_check(password, (void *)rhost); 822 844 if NT_STATUS_IS_OK(nt_status) { 823 if (fn) {824 fn(user, password);825 }826 845 return (nt_status); 827 846 } else if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_WRONG_PASSWORD)) { … … 850 869 if (strhasupper(pass2)) { 851 870 strlower_m(pass2); 852 if NT_STATUS_IS_OK(nt_status = password_check(pass2)) { 853 if (fn) 854 fn(user, pass2); 871 nt_status = password_check(pass2, (void *)rhost); 872 if (NT_STATUS_IS_OK(nt_status)) { 855 873 return (nt_status); 856 874 } … … 864 882 /* last chance - all combinations of up to level chars upper! */ 865 883 strlower_m(pass2); 866 867 if (NT_STATUS_IS_OK(nt_status = string_combinations(pass2, password_check, level))) { 868 if (fn) 869 fn(user, pass2); 884 885 nt_status = string_combinations(pass2, password_check, level, 886 (void *)rhost); 887 if (NT_STATUS_IS_OK(nt_status)) { 870 888 return nt_status; 871 889 } 872 890 873 891 return NT_STATUS_WRONG_PASSWORD; 874 892 }
Note:
See TracChangeset
for help on using the changeset viewer.
