2 Unix SMB/Netbios implementation.
4 Password cacheing. obfuscation is planned
5 Copyright (C) Luke Kenneth Casson Leighton 1996-1998
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 /****************************************************************************
25 Initialises a password structure.
26 ****************************************************************************/
28 void pwd_init(struct pwd_info
*pwd
)
30 memset((char *)pwd
->password
, '\0', sizeof(pwd
->password
));
31 memset((char *)pwd
->smb_lm_pwd
, '\0', sizeof(pwd
->smb_lm_pwd
));
32 memset((char *)pwd
->smb_nt_pwd
, '\0', sizeof(pwd
->smb_nt_pwd
));
33 memset((char *)pwd
->smb_lm_owf
, '\0', sizeof(pwd
->smb_lm_owf
));
34 memset((char *)pwd
->smb_nt_owf
, '\0', sizeof(pwd
->smb_nt_owf
));
36 pwd
->null_pwd
= True
; /* safest option... */
37 pwd
->cleartext
= False
;
41 /****************************************************************************
42 Returns NULL password flag.
43 ****************************************************************************/
45 BOOL
pwd_is_nullpwd(const struct pwd_info
*pwd
)
50 /****************************************************************************
51 Compares two passwords. hmm, not as trivial as expected. hmm.
52 ****************************************************************************/
54 BOOL
pwd_compare(struct pwd_info
*pwd1
, struct pwd_info
*pwd2
)
56 if (pwd1
->cleartext
&& pwd2
->cleartext
) {
57 if (strequal(pwd1
->password
, pwd2
->password
))
60 if (pwd1
->null_pwd
&& pwd2
->null_pwd
)
63 if (!pwd1
->null_pwd
&& !pwd2
->null_pwd
&&
64 !pwd1
->cleartext
&& !pwd2
->cleartext
) {
66 DEBUG(100,("pwd compare: nt#\n"));
67 dump_data(100, pwd1
->smb_nt_pwd
, 16);
68 dump_data(100, pwd2
->smb_nt_pwd
, 16);
70 if (memcmp(pwd1
->smb_nt_pwd
, pwd2
->smb_nt_pwd
, 16) == 0)
73 DEBUG(100,("pwd compare: lm#\n"));
74 dump_data(100, pwd1
->smb_lm_pwd
, 16);
75 dump_data(100, pwd2
->smb_lm_pwd
, 16);
77 if (memcmp(pwd1
->smb_lm_pwd
, pwd2
->smb_lm_pwd
, 16) == 0)
83 /****************************************************************************
85 ****************************************************************************/
87 void pwd_read(struct pwd_info
*pwd
, char *passwd_report
, BOOL do_encrypt
)
94 user_pass
= (char*)getpass(passwd_report
);
97 * Do not assume that an empty string is a NULL password.
98 * If you do this will break the session key generation for
99 * and account with an emtpy password. If you wish to use
100 * a NULL password, use the -N option to smbclient and rpcclient
104 if (user_pass
== NULL
|| user_pass
[0] == 0)
105 pwd_set_nullpwd(pwd
);
109 pwd_make_lm_nt_16(pwd
, user_pass
);
111 pwd_set_cleartext(pwd
, user_pass
);
114 /****************************************************************************
115 Stores a cleartext password.
116 ****************************************************************************/
118 void pwd_set_nullpwd(struct pwd_info
*pwd
)
122 pwd
->cleartext
= False
;
123 pwd
->null_pwd
= True
;
124 pwd
->crypted
= False
;
127 /****************************************************************************
128 Stores a cleartext password.
129 ****************************************************************************/
131 void pwd_set_cleartext(struct pwd_info
*pwd
, char *clr
)
134 fstrcpy(pwd
->password
, clr
);
135 unix_to_dos(pwd
->password
);
136 pwd
->cleartext
= True
;
137 pwd
->null_pwd
= False
;
138 pwd
->crypted
= False
;
141 /****************************************************************************
142 Gets a cleartext password.
143 ****************************************************************************/
145 void pwd_get_cleartext(struct pwd_info
*pwd
, char *clr
)
147 if (pwd
->cleartext
) {
148 fstrcpy(clr
, pwd
->password
);
155 /****************************************************************************
156 Stores lm and nt hashed passwords.
157 ****************************************************************************/
159 void pwd_set_lm_nt_16(struct pwd_info
*pwd
, uchar lm_pwd
[16], uchar nt_pwd
[16])
164 memcpy(pwd
->smb_lm_pwd
, lm_pwd
, 16);
166 memset((char *)pwd
->smb_lm_pwd
, '\0', 16);
169 memcpy(pwd
->smb_nt_pwd
, nt_pwd
, 16);
171 memset((char *)pwd
->smb_nt_pwd
, '\0', 16);
173 pwd
->null_pwd
= False
;
174 pwd
->cleartext
= False
;
175 pwd
->crypted
= False
;
178 /****************************************************************************
179 Gets lm and nt hashed passwords.
180 ****************************************************************************/
182 void pwd_get_lm_nt_16(struct pwd_info
*pwd
, uchar lm_pwd
[16], uchar nt_pwd
[16])
185 memcpy(lm_pwd
, pwd
->smb_lm_pwd
, 16);
187 memcpy(nt_pwd
, pwd
->smb_nt_pwd
, 16);
190 /****************************************************************************
191 Makes lm and nt hashed passwords.
192 ****************************************************************************/
194 void pwd_make_lm_nt_16(struct pwd_info
*pwd
, char *clr
)
200 pstrcpy(dos_passwd
, clr
);
201 unix_to_dos(dos_passwd
);
203 nt_lm_owf_gen(dos_passwd
, pwd
->smb_nt_pwd
, pwd
->smb_lm_pwd
);
204 pwd
->null_pwd
= False
;
205 pwd
->cleartext
= False
;
206 pwd
->crypted
= False
;
209 /****************************************************************************
210 Makes lm and nt OWF crypts.
211 ****************************************************************************/
213 void pwd_make_lm_nt_owf(struct pwd_info
*pwd
, uchar cryptkey
[8])
216 #ifdef DEBUG_PASSWORD
217 DEBUG(100,("client cryptkey: "));
218 dump_data(100, (char *)cryptkey
, 8);
221 SMBOWFencrypt(pwd
->smb_nt_pwd
, cryptkey
, pwd
->smb_nt_owf
);
223 #ifdef DEBUG_PASSWORD
224 DEBUG(100,("nt_owf_passwd: "));
225 dump_data(100, (char *)pwd
->smb_nt_owf
, sizeof(pwd
->smb_nt_owf
));
226 DEBUG(100,("nt_sess_pwd: "));
227 dump_data(100, (char *)pwd
->smb_nt_pwd
, sizeof(pwd
->smb_nt_pwd
));
230 SMBOWFencrypt(pwd
->smb_lm_pwd
, cryptkey
, pwd
->smb_lm_owf
);
232 #ifdef DEBUG_PASSWORD
233 DEBUG(100,("lm_owf_passwd: "));
234 dump_data(100, (char *)pwd
->smb_lm_owf
, sizeof(pwd
->smb_lm_owf
));
235 DEBUG(100,("lm_sess_pwd: "));
236 dump_data(100, (char *)pwd
->smb_lm_pwd
, sizeof(pwd
->smb_lm_pwd
));
242 /****************************************************************************
243 Gets lm and nt crypts.
244 ****************************************************************************/
246 void pwd_get_lm_nt_owf(struct pwd_info
*pwd
, uchar lm_owf
[24], uchar nt_owf
[24])
249 memcpy(lm_owf
, pwd
->smb_lm_owf
, 24);
251 memcpy(nt_owf
, pwd
->smb_nt_owf
, 24);