{
ENCRYPTED_LM_OWF_PASSWORD StoredLmPassword;
ENCRYPTED_NT_OWF_PASSWORD StoredNtPassword;
- PENCRYPTED_LM_OWF_PASSWORD OldLmPassword;
- PENCRYPTED_LM_OWF_PASSWORD NewLmPassword;
- PENCRYPTED_NT_OWF_PASSWORD OldNtPassword;
- PENCRYPTED_NT_OWF_PASSWORD NewNtPassword;
+ ENCRYPTED_LM_OWF_PASSWORD OldLmPassword;
+ ENCRYPTED_LM_OWF_PASSWORD NewLmPassword;
+ ENCRYPTED_NT_OWF_PASSWORD OldNtPassword;
+ ENCRYPTED_NT_OWF_PASSWORD NewNtPassword;
BOOLEAN StoredLmPresent = FALSE;
BOOLEAN StoredNtPresent = FALSE;
BOOLEAN StoredLmEmpty = TRUE;
if (!NT_SUCCESS(Status))
{
TRACE("SampGetObjectAttribute failed to retrieve the fixed domain data (Status 0x%08lx)\n", Status);
- return Status;
+ goto done;
}
if (DomainFixedData.MinPasswordAge.QuadPart > 0)
{
if (SystemTime.QuadPart < (UserFixedData.PasswordLastSet.QuadPart + DomainFixedData.MinPasswordAge.QuadPart))
- return STATUS_ACCOUNT_RESTRICTION;
+ {
+ Status = STATUS_ACCOUNT_RESTRICTION;
+ goto done;
+ }
+ }
+ }
+
+ /* Decrypt the LM passwords, if present */
+ if (LmPresent)
+ {
+ Status = SystemFunction013((const BYTE *)NewLmEncryptedWithOldLm,
+ (const BYTE *)&StoredLmPassword,
+ (LPBYTE)&NewLmPassword);
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("SystemFunction013 failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ Status = SystemFunction013((const BYTE *)OldLmEncryptedWithNewLm,
+ (const BYTE *)&NewLmPassword,
+ (LPBYTE)&OldLmPassword);
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("SystemFunction013 failed (Status 0x%08lx)\n", Status);
+ goto done;
}
}
- /* FIXME: Decrypt passwords */
- OldLmPassword = OldLmEncryptedWithNewLm;
- NewLmPassword = NewLmEncryptedWithOldLm;
- OldNtPassword = OldNtEncryptedWithNewNt;
- NewNtPassword = NewNtEncryptedWithOldNt;
+ /* Decrypt the NT passwords, if present */
+ if (NtPresent)
+ {
+ Status = SystemFunction013((const BYTE *)NewNtEncryptedWithOldNt,
+ (const BYTE *)&StoredNtPassword,
+ (LPBYTE)&NewNtPassword);
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("SystemFunction013 failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+
+ Status = SystemFunction013((const BYTE *)OldNtEncryptedWithNewNt,
+ (const BYTE *)&NewNtPassword,
+ (LPBYTE)&OldNtPassword);
+ if (!NT_SUCCESS(Status))
+ {
+ TRACE("SystemFunction013 failed (Status 0x%08lx)\n", Status);
+ goto done;
+ }
+ }
/* Check if the old passwords match the stored ones */
if (NtPresent)
if (LmPresent)
{
if (!RtlEqualMemory(&StoredLmPassword,
- OldLmPassword,
+ &OldLmPassword,
sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
{
TRACE("Old LM Password does not match!\n");
else
{
if (!RtlEqualMemory(&StoredNtPassword,
- OldNtPassword,
+ &OldNtPassword,
sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
{
TRACE("Old NT Password does not match!\n");
else
{
if (!RtlEqualMemory(&StoredNtPassword,
- OldNtPassword,
+ &OldNtPassword,
sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
{
TRACE("Old NT Password does not match!\n");
if (LmPresent)
{
if (!RtlEqualMemory(&StoredLmPassword,
- OldLmPassword,
+ &OldLmPassword,
sizeof(ENCRYPTED_LM_OWF_PASSWORD)))
{
TRACE("Old LM Password does not match!\n");
if (NT_SUCCESS(Status))
{
Status = SampSetUserPassword(UserObject,
- NewNtPassword,
+ &NewNtPassword,
NtPresent,
- NewLmPassword,
+ &NewLmPassword,
LmPresent);
if (NT_SUCCESS(Status))
{