From 71be5b87ee2c6ac72951d03ae5265f89d514b548 Mon Sep 17 00:00:00 2001
From: Eric Kohl <eric.kohl@reactos.org>
Date: Sat, 3 Aug 2013 16:40:00 +0000
Subject: [PATCH] [SAMLIB] SamSetInformationUser: Add password length checks.

svn path=/trunk/; revision=59628
---
 reactos/dll/win32/samlib/samlib.c | 60 +++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)

diff --git a/reactos/dll/win32/samlib/samlib.c b/reactos/dll/win32/samlib/samlib.c
index 78621dd2b8c..e5ca81232a3 100644
--- a/reactos/dll/win32/samlib/samlib.c
+++ b/reactos/dll/win32/samlib/samlib.c
@@ -112,6 +112,42 @@ PSAMPR_SERVER_NAME_unbind(PSAMPR_SERVER_NAME pszSystemName,
 }
 
 
+NTSTATUS
+SampCheckPassword(IN SAMPR_HANDLE UserHandle,
+                  IN PUNICODE_STRING Password)
+{
+    USER_DOMAIN_PASSWORD_INFORMATION DomainPasswordInformation;
+    ULONG PasswordLength;
+    NTSTATUS Status;
+
+    TRACE("(%p %p)\n", UserHandle, Password);
+
+    /* Get the domain password information */
+    Status = SamrGetUserDomainPasswordInformation(UserHandle,
+                                                  &DomainPasswordInformation);
+    if (!NT_SUCCESS(Status))
+    {
+        TRACE("SamrGetUserDomainPasswordInformation failed (Status 0x%08lx)\n", Status);
+        return Status;
+    }
+
+    PasswordLength = (ULONG)(Password->Length / sizeof(WCHAR));
+
+    /* Fail if the password is too short or too long */
+    if ((PasswordLength < DomainPasswordInformation.MinPasswordLength) ||
+        (PasswordLength > 256))
+        return STATUS_PASSWORD_RESTRICTION;
+
+    /* Check the password complexity */
+    if (DomainPasswordInformation.PasswordProperties & DOMAIN_PASSWORD_COMPLEX)
+    {
+        /* FIXME */
+    }
+
+    return STATUS_SUCCESS;
+}
+
+
 NTSTATUS
 NTAPI
 SamAddMemberToAlias(IN SAM_HANDLE AliasHandle,
@@ -1725,6 +1761,7 @@ SamSetInformationUser(IN SAM_HANDLE UserHandle,
 {
     PSAMPR_USER_SET_PASSWORD_INFORMATION PasswordBuffer;
     SAMPR_USER_INTERNAL1_INFORMATION Internal1Buffer;
+    PUSER_ALL_INFORMATION AllBuffer;
     OEM_STRING LmPwdString;
     CHAR LmPwdBuffer[15];
     NTSTATUS Status;
@@ -1736,6 +1773,14 @@ SamSetInformationUser(IN SAM_HANDLE UserHandle,
     {
         PasswordBuffer = (PSAMPR_USER_SET_PASSWORD_INFORMATION)Buffer;
 
+        Status = SampCheckPassword(UserHandle,
+                                   (PUNICODE_STRING)&PasswordBuffer->Password);
+        if (!NT_SUCCESS(Status))
+        {
+            TRACE("SampCheckPassword failed (Status 0x%08lx)\n", Status);
+            return Status;
+        }
+
         /* Calculate the NT hash value of the passord */
         Status = SystemFunction007((PUNICODE_STRING)&PasswordBuffer->Password,
                                    (LPBYTE)&Internal1Buffer.EncryptedNtOwfPassword);
@@ -1786,6 +1831,21 @@ SamSetInformationUser(IN SAM_HANDLE UserHandle,
             return Status;
         }
     }
+    else if (UserInformationClass == UserAllInformation)
+    {
+        AllBuffer = (PUSER_ALL_INFORMATION)Buffer;
+
+        if (AllBuffer->WhichFields & (USER_ALL_LMPASSWORDPRESENT | USER_ALL_NTPASSWORDPRESENT))
+        {
+            Status = SampCheckPassword(UserHandle,
+                                       &AllBuffer->NtPassword);
+            if (!NT_SUCCESS(Status))
+            {
+                TRACE("SampCheckPassword failed (Status 0x%08lx)\n", Status);
+                return Status;
+            }
+        }
+    }
 
     RpcTryExcept
     {
-- 
2.17.1