The Samba-Bugzilla – Attachment 11338 Details for
Bug 11441
Smart Card Logins break client-side DPAPI (among others)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Store and pass NT/LM-password through auth_user_info_dc structure for PAC_CREDENTIAL_SECPKG.
0002-Store-user-LM-NT-passwords-in-auth_user_info_dc-stru.patch (text/plain), 3.64 KB, created by
Heiko Wundram
on 2015-08-16 19:52:10 UTC
(
hide
)
Description:
Store and pass NT/LM-password through auth_user_info_dc structure for PAC_CREDENTIAL_SECPKG.
Filename:
MIME Type:
Creator:
Heiko Wundram
Created:
2015-08-16 19:52:10 UTC
Size:
3.64 KB
patch
obsolete
>From b5a9f7c684d494375899864435403055b7b0e45a Mon Sep 17 00:00:00 2001 >From: root <root@vpn.gehrkens.it> >Date: Sun, 16 Aug 2015 21:14:40 +0200 >Subject: [PATCH 2/4] Store user LM/NT-passwords in auth_user_info_dc > structure. > >To be able to use the user passwords in the Kerberos PAC generation functions, >store them as an additional field in the function that prepares the corresponding >auth_user_info_dc structure for the PAC generation helpers. >--- > librpc/idl/auth.idl | 1 + > source4/auth/sam.c | 30 ++++++++++++++++++++++++++++-- > 2 files changed, 29 insertions(+), 2 deletions(-) > >diff --git a/librpc/idl/auth.idl b/librpc/idl/auth.idl >index 0bed671..5bd0c79 100644 >--- a/librpc/idl/auth.idl >+++ b/librpc/idl/auth.idl >@@ -80,6 +80,7 @@ interface auth > auth_user_info *info; > [noprint] DATA_BLOB user_session_key; > [noprint] DATA_BLOB lm_session_key; >+ PAC_CREDENTIAL_NTLM_SECPKG *passwords; > } auth_user_info_dc; > > typedef [public] struct { >diff --git a/source4/auth/sam.c b/source4/auth/sam.c >index 767e44c..4085aa9 100644 >--- a/source4/auth/sam.c >+++ b/source4/auth/sam.c >@@ -281,6 +281,7 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx, > NTSTATUS status; > struct auth_user_info_dc *user_info_dc; > struct auth_user_info *info; >+ struct PAC_CREDENTIAL_NTLM_SECPKG *passwords; > const char *str, *filter; > /* SIDs for the account and his primary group */ > struct dom_sid *account_sid; >@@ -293,12 +294,13 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx, > struct dom_sid *domain_sid; > TALLOC_CTX *tmp_ctx; > struct ldb_message_element *el; >+ const struct ldb_val *val; > > user_info_dc = talloc(mem_ctx, struct auth_user_info_dc); > NT_STATUS_HAVE_NO_MEMORY(user_info_dc); > > tmp_ctx = talloc_new(user_info_dc); >- NT_STATUS_HAVE_NO_MEMORY_AND_FREE(user_info_dc, user_info_dc); >+ NT_STATUS_HAVE_NO_MEMORY_AND_FREE(tmp_ctx, user_info_dc); > > sids = talloc_array(user_info_dc, struct dom_sid, 2); > NT_STATUS_HAVE_NO_MEMORY_AND_FREE(sids, user_info_dc); >@@ -366,7 +368,7 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx, > user_info_dc->num_sids = num_sids; > > user_info_dc->info = info = talloc_zero(user_info_dc, struct auth_user_info); >- NT_STATUS_HAVE_NO_MEMORY(user_info_dc->info); >+ NT_STATUS_HAVE_NO_MEMORY_AND_FREE(user_info_dc->info, user_info_dc); > > info->account_name = talloc_steal(info, > ldb_msg_find_attr_as_string(msg, "sAMAccountName", NULL)); >@@ -435,6 +437,30 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx, > user_info_dc); > } > >+ user_info_dc->passwords = passwords = >+ talloc_zero(user_info_dc, struct PAC_CREDENTIAL_NTLM_SECPKG); >+ NT_STATUS_HAVE_NO_MEMORY_AND_FREE(user_info_dc->passwords, user_info_dc); >+ >+ val = ldb_msg_find_ldb_val(msg, "dBCSPwd"); >+ if (val && (val->length >= sizeof(passwords->lmpwd.hash))) { >+ DEBUG(5, ("Passing LM password hash through credentials set\n")); >+ passwords->flags |= PAC_CREDENTIAL_NTLM_HAS_LMPWD; >+ memcpy(passwords->lmpwd.hash, val->data, MIN(val->length, >+ sizeof(passwords->lmpwd.hash))); >+ } else { >+ DEBUG(2, ("No LM password hash present, not passing through credset\n")); >+ } >+ >+ val = ldb_msg_find_ldb_val(msg, "unicodePwd"); >+ if (val && (val->length >= sizeof(passwords->ntpwd.hash))) { >+ DEBUG(5, ("Passing NT password hash through credentials set\n")); >+ passwords->flags |= PAC_CREDENTIAL_NTLM_HAS_NTPWD; >+ memcpy(passwords->ntpwd.hash, val->data, MIN(val->length, >+ sizeof(passwords->ntpwd.hash))); >+ } else { >+ DEBUG(2, ("No NT Password hash present, not passing through credset\n")); >+ } >+ > if (info->acct_flags & ACB_SVRTRUST) { > /* the SID_NT_ENTERPRISE_DCS SID gets added into the > PAC */ >-- >2.1.4 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=11338">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 11441
:
11337
| 11338 |
11339
|
11340