📄 pdb_get_set.c
字号:
DEBUG(0, ("pdb_set_unix_home_dir: talloc_strdup() failed!\n")); return False; } } else { sampass->private_u.unix_home_dir = PDB_NOT_QUITE_NULL; } return pdb_set_init_flags(sampass, PDB_UNIXHOMEDIR, flag);}/********************************************************************* Set the user's account description. ********************************************************************/BOOL pdb_set_acct_desc (SAM_ACCOUNT *sampass, const char *acct_desc, enum pdb_value_state flag){ if (!sampass) return False; if (acct_desc) { sampass->private_u.acct_desc = talloc_strdup(sampass->mem_ctx, acct_desc); if (!sampass->private_u.acct_desc) { DEBUG(0, ("pdb_set_acct_desc: talloc_strdup() failed!\n")); return False; } } else { sampass->private_u.acct_desc = PDB_NOT_QUITE_NULL; } return pdb_set_init_flags(sampass, PDB_ACCTDESC, flag);}/********************************************************************* Set the user's workstation allowed list. ********************************************************************/BOOL pdb_set_workstations (SAM_ACCOUNT *sampass, const char *workstations, enum pdb_value_state flag){ if (!sampass) return False; if (workstations) { DEBUG(10, ("pdb_set_workstations: setting workstations %s, was %s\n", workstations, (sampass->private_u.workstations)?(sampass->private_u.workstations):"NULL")); sampass->private_u.workstations = talloc_strdup(sampass->mem_ctx, workstations); if (!sampass->private_u.workstations) { DEBUG(0, ("pdb_set_workstations: talloc_strdup() failed!\n")); return False; } } else { sampass->private_u.workstations = PDB_NOT_QUITE_NULL; } return pdb_set_init_flags(sampass, PDB_WORKSTATIONS, flag);}/********************************************************************* Set the user's 'unknown_str', whatever the heck this actually is... ********************************************************************/BOOL pdb_set_unknown_str (SAM_ACCOUNT *sampass, const char *unknown_str, enum pdb_value_state flag){ if (!sampass) return False; if (unknown_str) { sampass->private_u.unknown_str = talloc_strdup(sampass->mem_ctx, unknown_str); if (!sampass->private_u.unknown_str) { DEBUG(0, ("pdb_set_unknown_str: talloc_strdup() failed!\n")); return False; } } else { sampass->private_u.unknown_str = PDB_NOT_QUITE_NULL; } return pdb_set_init_flags(sampass, PDB_UNKNOWNSTR, flag);}/********************************************************************* Set the user's dial string. ********************************************************************/BOOL pdb_set_munged_dial (SAM_ACCOUNT *sampass, const char *munged_dial, enum pdb_value_state flag){ if (!sampass) return False; if (munged_dial) { sampass->private_u.munged_dial = talloc_strdup(sampass->mem_ctx, munged_dial); if (!sampass->private_u.munged_dial) { DEBUG(0, ("pdb_set_munged_dial: talloc_strdup() failed!\n")); return False; } } else { sampass->private_u.munged_dial = PDB_NOT_QUITE_NULL; } return pdb_set_init_flags(sampass, PDB_MUNGEDDIAL, flag);}/********************************************************************* Set the user's NT hash. ********************************************************************/BOOL pdb_set_nt_passwd (SAM_ACCOUNT *sampass, const uint8 pwd[NT_HASH_LEN], enum pdb_value_state flag){ if (!sampass) return False; data_blob_clear_free(&sampass->private_u.nt_pw); if (pwd) { sampass->private_u.nt_pw = data_blob(pwd, NT_HASH_LEN); } else { sampass->private_u.nt_pw = data_blob(NULL, 0); } return pdb_set_init_flags(sampass, PDB_NTPASSWD, flag);}/********************************************************************* Set the user's LM hash. ********************************************************************/BOOL pdb_set_lanman_passwd (SAM_ACCOUNT *sampass, const uint8 pwd[LM_HASH_LEN], enum pdb_value_state flag){ if (!sampass) return False; data_blob_clear_free(&sampass->private_u.lm_pw); if (pwd) { sampass->private_u.lm_pw = data_blob(pwd, LM_HASH_LEN); } else { sampass->private_u.lm_pw = data_blob(NULL, 0); } return pdb_set_init_flags(sampass, PDB_LMPASSWD, flag);}/********************************************************************* Set the user's password history hash. historyLen is the number of PW_HISTORY_SALT_LEN+SALTED_MD5_HASH_LEN length entries to store in the history - this must match the size of the uint8 array in pwd.********************************************************************/BOOL pdb_set_pw_history (SAM_ACCOUNT *sampass, const uint8 *pwd, uint32 historyLen, enum pdb_value_state flag){ if (!sampass) return False; if (historyLen && pwd){ sampass->private_u.nt_pw_his = data_blob_talloc(sampass->mem_ctx, pwd, historyLen*PW_HISTORY_ENTRY_LEN); if (!sampass->private_u.nt_pw_his.length) { DEBUG(0, ("pdb_set_pw_history: data_blob_talloc() failed!\n")); return False; } } else { sampass->private_u.nt_pw_his = data_blob_talloc(sampass->mem_ctx, NULL, 0); } return pdb_set_init_flags(sampass, PDB_PWHISTORY, flag);}/********************************************************************* Set the user's plaintext password only (base procedure, see helper below) ********************************************************************/BOOL pdb_set_plaintext_pw_only (SAM_ACCOUNT *sampass, const char *password, enum pdb_value_state flag){ if (!sampass) return False; if (password) { if (sampass->private_u.plaintext_pw!=NULL) memset(sampass->private_u.plaintext_pw,'\0',strlen(sampass->private_u.plaintext_pw)+1); sampass->private_u.plaintext_pw = talloc_strdup(sampass->mem_ctx, password); if (!sampass->private_u.plaintext_pw) { DEBUG(0, ("pdb_set_unknown_str: talloc_strdup() failed!\n")); return False; } } else { sampass->private_u.plaintext_pw = NULL; } return pdb_set_init_flags(sampass, PDB_PLAINTEXT_PW, flag);}BOOL pdb_set_bad_password_count(SAM_ACCOUNT *sampass, uint16 bad_password_count, enum pdb_value_state flag){ if (!sampass) return False; sampass->private_u.bad_password_count = bad_password_count; return pdb_set_init_flags(sampass, PDB_BAD_PASSWORD_COUNT, flag);}BOOL pdb_set_logon_count(SAM_ACCOUNT *sampass, uint16 logon_count, enum pdb_value_state flag){ if (!sampass) return False; sampass->private_u.logon_count = logon_count; return pdb_set_init_flags(sampass, PDB_LOGON_COUNT, flag);}BOOL pdb_set_unknown_6 (SAM_ACCOUNT *sampass, uint32 unkn, enum pdb_value_state flag){ if (!sampass) return False; sampass->private_u.unknown_6 = unkn; return pdb_set_init_flags(sampass, PDB_UNKNOWN6, flag);}BOOL pdb_set_hours (SAM_ACCOUNT *sampass, const uint8 *hours, enum pdb_value_state flag){ if (!sampass) return False; if (!hours) { memset ((char *)sampass->private_u.hours, 0, MAX_HOURS_LEN); return True; } memcpy (sampass->private_u.hours, hours, MAX_HOURS_LEN); return pdb_set_init_flags(sampass, PDB_HOURS, flag);}BOOL pdb_set_backend_private_data (SAM_ACCOUNT *sampass, void *private_data, void (*free_fn)(void **), const struct pdb_methods *my_methods, enum pdb_value_state flag){ if (!sampass) return False; if (sampass->private_u.backend_private_data && sampass->private_u.backend_private_data_free_fn) { sampass->private_u.backend_private_data_free_fn(&sampass->private_u.backend_private_data); } sampass->private_u.backend_private_data = private_data; sampass->private_u.backend_private_data_free_fn = free_fn; sampass->private_u.backend_private_methods = my_methods; return pdb_set_init_flags(sampass, PDB_BACKEND_PRIVATE_DATA, flag);}/* Helpful interfaces to the above *//********************************************************************* Sets the last changed times and must change times for a normal password change. ********************************************************************/BOOL pdb_set_pass_changed_now (SAM_ACCOUNT *sampass){ uint32 expire; uint32 min_age; if (!sampass) return False; if (!pdb_set_pass_last_set_time (sampass, time(NULL), PDB_CHANGED)) return False; if (!pdb_get_account_policy(AP_MAX_PASSWORD_AGE, &expire) || (expire==(uint32)-1) || (expire == 0)) { if (!pdb_set_pass_must_change_time (sampass, get_time_t_max(), PDB_CHANGED)) return False; } else { if (!pdb_set_pass_must_change_time (sampass, pdb_get_pass_last_set_time(sampass) + expire, PDB_CHANGED)) return False; } if (!pdb_get_account_policy(AP_MIN_PASSWORD_AGE, &min_age) || (min_age==(uint32)-1)) { if (!pdb_set_pass_can_change_time (sampass, 0, PDB_CHANGED)) return False; } else { if (!pdb_set_pass_can_change_time (sampass, pdb_get_pass_last_set_time(sampass) + min_age, PDB_CHANGED)) return False; } return True;}/********************************************************************* Set the user's PLAINTEXT password. Used as an interface to the above. Also sets the last change time to NOW. ********************************************************************/BOOL pdb_set_plaintext_passwd (SAM_ACCOUNT *sampass, const char *plaintext){ uchar new_lanman_p16[LM_HASH_LEN]; uchar new_nt_p16[NT_HASH_LEN]; if (!sampass || !plaintext) return False; /* Calculate the MD4 hash (NT compatible) of the password */ E_md4hash(plaintext, new_nt_p16); if (!pdb_set_nt_passwd (sampass, new_nt_p16, PDB_CHANGED)) return False; if (!E_deshash(plaintext, new_lanman_p16)) { /* E_deshash returns false for 'long' passwords (> 14 DOS chars). This allows us to match Win2k, which does not store a LM hash for these passwords (which would reduce the effective password length to 14 */ if (!pdb_set_lanman_passwd (sampass, NULL, PDB_CHANGED)) return False; } else { if (!pdb_set_lanman_passwd (sampass, new_lanman_p16, PDB_CHANGED)) return False; } if (!pdb_set_plaintext_pw_only (sampass, plaintext, PDB_CHANGED)) return False; if (!pdb_set_pass_changed_now (sampass)) return False; /* Store the password history. */ if (pdb_get_acct_ctrl(sampass) & ACB_NORMAL) { uchar *pwhistory; uint32 pwHistLen; pdb_get_account_policy(AP_PASSWORD_HISTORY, &pwHistLen); if (pwHistLen != 0){ uint32 current_history_len; /* We need to make sure we don't have a race condition here - the account policy history length can change between when the pw_history was first loaded into the SAM_ACCOUNT struct and now.... JRA. */ pwhistory = (uchar *)pdb_get_pw_history(sampass, ¤t_history_len); if (current_history_len != pwHistLen) { /* After closing and reopening SAM_ACCOUNT the history values will sync up. We can't do this here. */ /* current_history_len > pwHistLen is not a problem - we have more history than we need. */ if (current_history_len < pwHistLen) { /* Ensure we have space for the needed history. */ uchar *new_history = TALLOC(sampass->mem_ctx, pwHistLen*PW_HISTORY_ENTRY_LEN); /* And copy it into the new buffer. */ if (current_history_len) { memcpy(new_history, pwhistory, current_history_len*PW_HISTORY_ENTRY_LEN); } /* Clearing out any extra space. */ memset(&new_history[current_history_len*PW_HISTORY_ENTRY_LEN], '\0', (pwHistLen-current_history_len)*PW_HISTORY_ENTRY_LEN); /* Finally replace it. */ pwhistory = new_history; } } if (pwhistory && pwHistLen){ /* Make room for the new password in the history list. */ if (pwHistLen > 1) { memmove(&pwhistory[PW_HISTORY_ENTRY_LEN], pwhistory, (pwHistLen -1)*PW_HISTORY_ENTRY_LEN ); } /* Create the new salt as the first part of the history entry. */ generate_random_buffer(pwhistory, PW_HISTORY_SALT_LEN); /* Generate the md5 hash of the salt+new password as the second part of the history entry. */ E_md5hash(pwhistory, new_nt_p16, &pwhistory[PW_HISTORY_SALT_LEN]); pdb_set_pw_history(sampass, pwhistory, pwHistLen, PDB_CHANGED); } else { DEBUG (10,("pdb_get_set.c: pdb_set_plaintext_passwd: pwhistory was NULL!\n")); } } else { /* Set the history length to zero. */ pdb_set_pw_history(sampass, NULL, 0, PDB_CHANGED); } } return True;}/* check for any PDB_SET/CHANGED field and fill the appropriate mask bit */uint32 pdb_build_fields_present (SAM_ACCOUNT *sampass){ /* value set to all for testing */ return 0x00ffffff;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -