archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/ds/security/protocols/msv_sspi/test/changepass/password.cxx

527 lines
16 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 2001 Microsoft Corporation
  5. Module Name:
  7. password.cxx
  9. Abstract:
  11. password
  13. Author:
  15. Larry Zhu (LZhu) December 1, 2001 Created
  17. Environment:
  19. User Mode
  21. Revision History:
  23. --*/
  25. #include "precomp.hxx"
  26. #pragma hdrstop
  28. #include "password.hxx"
  30. VOID
  31. Usage(
  32. IN PCSTR pszApp
  33. )
  34. {
  35. DebugPrintf(SSPI_ERROR, "\n\nUsage: %s [-p<package>] [-s] [-l] -r "
  36. "-c<client name> -C<client realm> -o<old password> -n<new password>\n"
  37. "Remarks: package default to NTLM, use -s to set password, -l local only\n"
  38. " -r not impernating (self)\n\n", pszApp);
  39. exit(-1);
  40. }
  42. NTSTATUS
  43. MsvChangePasswordUser(
  44. IN HANDLE LogonHandle,
  45. IN ULONG PackageId,
  46. IN BOOLEAN bCacheOnly,
  47. IN UNICODE_STRING* pDomainName,
  48. IN UNICODE_STRING* pUserName,
  49. IN UNICODE_STRING* pOldPassword,
  50. IN UNICODE_STRING* pNewPassword,
  51. IN BOOLEAN bImpersonating
  52. )
  53. {
  54. TNtStatus Status = STATUS_UNSUCCESSFUL;
  55. NTSTATUS SubStatus = STATUS_UNSUCCESSFUL;
  57. MSV1_0_CHANGEPASSWORD_RESPONSE* pResponse = NULL ;
  58. ULONG cbResponseSize;
  59. MSV1_0_CHANGEPASSWORD_REQUEST* pChangeRequest = NULL;
  60. ULONG cbChangeRequestSize;
  62. DebugPrintf(SSPI_LOG, "MsvChangePasswordUser PackageId %d, DomainName %wZ, "
  63. "UserName %wZ, OldPass %wZ, NewPass %wZ, Impersonating %s\n",
  64. PackageId, pDomainName, pUserName, pOldPassword, pNewPassword, bImpersonating ? "true" : "false");
  66. cbChangeRequestSize = ROUND_UP_COUNT(sizeof(MSV1_0_CHANGEPASSWORD_REQUEST), sizeof(DWORD))
  67. + pUserName->Length
  68. + pDomainName->Length
  69. + pOldPassword->Length
  70. + pNewPassword->Length;
  71. pChangeRequest = (MSV1_0_CHANGEPASSWORD_REQUEST*) new CHAR[cbChangeRequestSize];
  73. Status DBGCHK = pChangeRequest ? STATUS_SUCCESS : STATUS_NO_MEMORY;
  75. if (NT_SUCCESS(Status))
  76. {
  77. RtlZeroMemory(pChangeRequest, cbChangeRequestSize);
  79. pChangeRequest->MessageType = bCacheOnly ? MsV1_0ChangeCachedPassword : MsV1_0ChangePassword;
  81. pChangeRequest->AccountName = *pUserName;
  82. pChangeRequest->AccountName.Buffer = (PWSTR) ROUND_UP_POINTER(sizeof(MSV1_0_CHANGEPASSWORD_REQUEST) + (PBYTE) pChangeRequest, sizeof(DWORD));
  83. RtlCopyMemory(
  84. pChangeRequest->AccountName.Buffer,
  85. pUserName->Buffer,
  86. pUserName->Length
  87. );
  89. pChangeRequest->DomainName = *pDomainName;
  90. pChangeRequest->DomainName.Buffer = pChangeRequest->AccountName.Buffer + pChangeRequest->AccountName.Length / sizeof(WCHAR);
  92. RtlCopyMemory(
  93. pChangeRequest->DomainName.Buffer,
  94. pDomainName->Buffer,
  95. pDomainName->Length
  96. );
  98. pChangeRequest->OldPassword = *pOldPassword;
  99. pChangeRequest->OldPassword.Buffer = pChangeRequest->DomainName.Buffer + pChangeRequest->DomainName.Length / sizeof(WCHAR);
  101. RtlCopyMemory(
  102. pChangeRequest->OldPassword.Buffer,
  103. pOldPassword->Buffer,
  104. pOldPassword->Length
  105. );
  107. pChangeRequest->NewPassword = *pNewPassword;
  108. pChangeRequest->NewPassword.Buffer = pChangeRequest->OldPassword.Buffer + pChangeRequest->OldPassword.Length / sizeof(WCHAR);
  110. RtlCopyMemory(
  111. pChangeRequest->NewPassword.Buffer,
  112. pNewPassword->Buffer,
  113. pNewPassword->Length
  114. );
  116. //
  117. // We are running as the caller, so state we are impersonating
  118. //
  120. pChangeRequest->Impersonating = bImpersonating;
  122. DebugPrintf(SSPI_LOG, "Msg type %#x\n", pChangeRequest->MessageType);
  123. Status DBGCHK = LsaCallAuthenticationPackage(
  124. LogonHandle,
  125. PackageId,
  126. pChangeRequest,
  127. cbChangeRequestSize,
  128. (VOID**) &pResponse,
  129. &cbResponseSize,
  130. &SubStatus
  131. );
  132. }
  134. if (NT_SUCCESS(Status))
  135. {
  136. if (pResponse && pResponse->PasswordInfoValid)
  137. {
  138. DebugPrintf(SSPI_LOG, "SubStatus %#x, MinPasswordLength %d, PasswordHistoryLength %d\n",
  139. SubStatus,
  140. pResponse->DomainPasswordInfo.MinPasswordLength,
  141. pResponse->DomainPasswordInfo.PasswordHistoryLength);
  142. DebugPrintSysTimeAsLocalTime(SSPI_LOG, "MaxPasswordAge ", &pResponse->DomainPasswordInfo.MaxPasswordAge);
  143. DebugPrintSysTimeAsLocalTime(SSPI_LOG, "MinPasswordAge ", &pResponse->DomainPasswordInfo.MinPasswordAge);
  145. }
  146. Status DBGCHK = SubStatus;
  147. }
  148. else
  149. {
  150. DebugPrintf(SSPI_LOG, "SubStatus %#x\n", SubStatus);
  151. }
  153. if (pResponse)
  154. {
  155. LsaFreeReturnBuffer(pResponse);
  156. }
  158. if (pChangeRequest)
  159. {
  160. delete [] pChangeRequest;
  161. }
  162. return Status;
  163. }
  165. NTSTATUS
  166. KerbChangePasswordUser(
  167. IN HANDLE LogonHandle,
  168. IN ULONG PackageId,
  169. IN BOOLEAN bImpersonating,
  170. IN UNICODE_STRING* pDomainName,
  171. IN UNICODE_STRING* pUserName,
  172. IN UNICODE_STRING* pOldPassword,
  173. IN UNICODE_STRING* pNewPassword
  174. )
  175. {
  176. TNtStatus Status = STATUS_UNSUCCESSFUL;
  177. NTSTATUS SubStatus = STATUS_UNSUCCESSFUL;
  179. PVOID pResponse = NULL ;
  180. ULONG cbResponseSize;
  181. PKERB_CHANGEPASSWORD_REQUEST pChangeRequest = NULL;
  182. ULONG cbChangeRequestSize;
  184. DebugPrintf(SSPI_LOG, "KerbChangePasswordUser PackageId %d, DomainName %wZ, "
  185. "UserName %wZ, OldPass %wZ, NewPass %wZ, Impersonating %s\n",
  186. PackageId, pDomainName, pUserName, pOldPassword, pNewPassword, bImpersonating ? "true" : "false");
  188. cbChangeRequestSize = ROUND_UP_COUNT(sizeof(KERB_CHANGEPASSWORD_REQUEST), sizeof(DWORD))
  189. + pUserName->Length + pDomainName->Length
  190. + pOldPassword->Length + pNewPassword->Length;
  192. pChangeRequest = (PKERB_CHANGEPASSWORD_REQUEST) new CHAR[cbChangeRequestSize];
  194. Status DBGCHK = pChangeRequest ? STATUS_SUCCESS : STATUS_NO_MEMORY;
  196. if (NT_SUCCESS(Status))
  197. {
  198. RtlZeroMemory(pChangeRequest, cbChangeRequestSize);
  200. pChangeRequest->MessageType = KerbChangePasswordMessage;
  202. pChangeRequest->AccountName = *pUserName;
  203. pChangeRequest->AccountName.Buffer = (PWSTR) ROUND_UP_POINTER(sizeof(KERB_CHANGEPASSWORD_REQUEST) + (PBYTE) pChangeRequest, sizeof(DWORD));
  204. RtlCopyMemory(
  205. pChangeRequest->AccountName.Buffer,
  206. pUserName->Buffer,
  207. pUserName->Length
  208. );
  210. pChangeRequest->DomainName = *pDomainName;
  211. pChangeRequest->DomainName.Buffer = pChangeRequest->AccountName.Buffer + pChangeRequest->AccountName.Length / sizeof(WCHAR);
  213. RtlCopyMemory(
  214. pChangeRequest->DomainName.Buffer,
  215. pDomainName->Buffer,
  216. pDomainName->Length
  217. );
  219. pChangeRequest->OldPassword = *pOldPassword;
  220. pChangeRequest->OldPassword.Buffer = pChangeRequest->DomainName.Buffer + pChangeRequest->DomainName.Length / sizeof(WCHAR);
  222. RtlCopyMemory(
  223. pChangeRequest->OldPassword.Buffer,
  224. pOldPassword->Buffer,
  225. pOldPassword->Length
  226. );
  228. pChangeRequest->NewPassword = *pNewPassword;
  229. pChangeRequest->NewPassword.Buffer = pChangeRequest->OldPassword.Buffer + pChangeRequest->OldPassword.Length / sizeof(WCHAR);
  231. RtlCopyMemory(
  232. pChangeRequest->NewPassword.Buffer,
  233. pNewPassword->Buffer,
  234. pNewPassword->Length
  235. );
  237. //
  238. // We are running as the caller, so state we are impersonating
  239. //
  241. pChangeRequest->Impersonating = bImpersonating;
  243. Status DBGCHK = LsaCallAuthenticationPackage(
  244. LogonHandle,
  245. PackageId,
  246. pChangeRequest,
  247. cbChangeRequestSize,
  248. &pResponse,
  249. &cbResponseSize,
  250. &SubStatus
  251. );
  252. }
  254. if (NT_SUCCESS(Status))
  255. {
  256. Status DBGCHK = SubStatus;
  257. }
  258. else
  259. {
  260. DebugPrintf(SSPI_LOG, "SubStatus %#x\n", SubStatus);
  261. }
  263. if (pResponse)
  264. {
  265. LsaFreeReturnBuffer(pResponse);
  266. }
  268. if (pChangeRequest)
  269. {
  270. delete [] pChangeRequest;
  271. }
  272. return Status;
  273. }
  275. NTSTATUS
  276. KerbSetPasswordUser(
  277. IN HANDLE LogonHandle,
  278. IN ULONG PackageId,
  279. IN UNICODE_STRING* pDomainName,
  280. IN UNICODE_STRING* pUserName,
  281. IN UNICODE_STRING* pNewPassword,
  282. IN OPTIONAL PCredHandle pCredentialsHandle
  283. )
  284. {
  285. TNtStatus Status = STATUS_UNSUCCESSFUL;
  286. NTSTATUS SubStatus = STATUS_UNSUCCESSFUL;
  288. PVOID pResponse = NULL ;
  289. ULONG cbResponseSize = NULL;
  291. PKERB_SETPASSWORD_REQUEST pSetRequest = NULL;
  292. ULONG cbChangeSize;
  294. DebugPrintf(SSPI_LOG, "KerbSetPasswordUser PackageId %d, DomainName %wZ, "
  295. "UserName %wZ, NewPassword %wZ, CredHandle %p\n",
  296. PackageId, pDomainName, pUserName, pNewPassword, pCredentialsHandle);
  298. cbChangeSize = ROUND_UP_COUNT(sizeof(KERB_SETPASSWORD_REQUEST), sizeof(DWORD))
  299. + pUserName->Length + pDomainName->Length + pNewPassword->Length;
  301. pSetRequest = (PKERB_SETPASSWORD_REQUEST) new CHAR [cbChangeSize];
  303. Status DBGCHK = pSetRequest ? STATUS_SUCCESS : STATUS_NO_MEMORY;
  305. if (NT_SUCCESS(Status))
  306. {
  307. RtlZeroMemory(pSetRequest, cbChangeSize);
  309. pSetRequest->MessageType = KerbSetPasswordMessage;
  311. pSetRequest->AccountName = *pUserName;
  312. pSetRequest->AccountName.Buffer = (PWSTR) ROUND_UP_POINTER(sizeof(KERB_SETPASSWORD_REQUEST) + (PBYTE) pSetRequest, sizeof(DWORD));
  314. RtlCopyMemory(
  315. pSetRequest->AccountName.Buffer,
  316. pUserName->Buffer,
  317. pUserName->Length
  318. );
  320. pSetRequest->DomainName = *pDomainName;
  321. pSetRequest->DomainName.Buffer = pSetRequest->AccountName.Buffer + pSetRequest->AccountName.Length / sizeof(WCHAR);
  323. RtlCopyMemory(
  324. pSetRequest->DomainName.Buffer,
  325. pDomainName->Buffer,
  326. pDomainName->Length
  327. );
  329. pSetRequest->Password = *pNewPassword;
  330. pSetRequest->Password.Buffer = pSetRequest->DomainName.Buffer + pSetRequest->DomainName.Length / sizeof(WCHAR);
  332. RtlCopyMemory(
  333. pSetRequest->Password.Buffer,
  334. pNewPassword->Buffer,
  335. pNewPassword->Length
  336. );
  338. if (pCredentialsHandle)
  339. {
  340. pSetRequest->CredentialsHandle = *pCredentialsHandle;
  341. pSetRequest->Flags |= KERB_SETPASS_USE_CREDHANDLE;
  342. }
  344. Status DBGCHK = LsaCallAuthenticationPackage(
  345. LogonHandle,
  346. PackageId,
  347. pSetRequest,
  348. cbChangeSize,
  349. &pResponse,
  350. &cbResponseSize,
  351. &SubStatus
  352. );
  353. }
  355. if (NT_SUCCESS(Status))
  356. {
  357. Status DBGCHK = SubStatus;
  358. }
  360. if (pResponse)
  361. {
  362. LsaFreeReturnBuffer(pResponse);
  363. }
  365. if (pSetRequest)
  366. {
  367. delete [] pSetRequest;
  368. }
  370. return Status;
  371. }
  373. VOID __cdecl
  374. main(
  375. IN INT argc,
  376. IN PSTR argv[]
  377. )
  378. {
  379. TNtStatus Status = STATUS_SUCCESS;
  381. HANDLE LogonHandle = NULL;
  382. ULONG PackageId = -1;
  383. UNICODE_STRING ClientName = {0};
  384. UNICODE_STRING ClientRealm = {0};
  385. UNICODE_STRING OldPassword = {0};
  386. UNICODE_STRING NewPassword = {0};
  388. BOOLEAN bIsSetPassword = FALSE;
  389. BOOLEAN bCacheOnly = FALSE;
  390. BOOLEAN bImpersonating = TRUE;
  391. PCSTR pszPackageName = NTLMSP_NAME_A;
  393. for (INT i = 1; NT_SUCCESS(Status) && (i < argc); i++)
  394. {
  395. if ((*argv[i] == '-') || (*argv[i] == '/'))
  396. {
  397. switch (argv[i][1])
  398. {
  399. case 'c':
  400. Status DBGCHK = CreateUnicodeStringFromAsciiz(argv[i] + 2, &ClientName);
  401. break;
  403. case 'C':
  404. Status DBGCHK = CreateUnicodeStringFromAsciiz(argv[i] + 2, &ClientRealm);
  405. break;
  407. case 'p':
  408. pszPackageName = argv[i] + 2;
  409. break;
  411. case 'o':
  412. Status DBGCHK = CreateUnicodeStringFromAsciiz(argv[i] + 2, &OldPassword);
  413. break;
  415. case 'n':
  416. Status DBGCHK = CreateUnicodeStringFromAsciiz(argv[i] + 2, &NewPassword);
  417. break;
  419. case 'r':
  420. bImpersonating = FALSE;
  421. break;
  423. case 's':
  424. bIsSetPassword = TRUE;
  425. break;
  427. case 'l':
  428. bCacheOnly = TRUE;
  429. break;
  431. case 'h':
  432. case '?':
  433. default:
  434. Usage(argv[0]);
  435. break;
  436. }
  437. }
  438. else
  439. {
  440. Usage(argv[0]);
  441. }
  442. }
  444. if (NT_SUCCESS(Status))
  445. {
  446. Status DBGCHK = GetLsaHandleAndPackageId(
  447. pszPackageName,
  448. &LogonHandle,
  449. &PackageId
  450. );
  451. }
  453. if (NT_SUCCESS(Status))
  454. {
  455. if (0 == _stricmp(NTLMSP_NAME_A, pszPackageName))
  456. {
  457. if (bIsSetPassword)
  458. {
  459. DebugPrintf(SSPI_ERROR, "SetPassword not supported\n");
  460. Status DBGCHK = STATUS_NOT_SUPPORTED;
  461. }
  462. else
  463. {
  464. Status DBGCHK = MsvChangePasswordUser(
  465. LogonHandle,
  466. PackageId,
  467. bCacheOnly,
  468. &ClientRealm,
  469. &ClientName,
  470. &OldPassword,
  471. &NewPassword,
  472. bImpersonating
  473. );
  474. }
  475. }
  476. else if (0 == _stricmp(MICROSOFT_KERBEROS_NAME_A, pszPackageName))
  477. {
  478. if (bIsSetPassword)
  479. {
  480. Status DBGCHK = KerbSetPasswordUser(
  481. LogonHandle,
  482. PackageId,
  483. &ClientRealm,
  484. &ClientName,
  485. &NewPassword,
  486. NULL // no cred handle
  487. );
  488. }
  489. else
  490. {
  491. Status DBGCHK = KerbChangePasswordUser(
  492. LogonHandle,
  493. PackageId,
  494. bImpersonating,
  495. &ClientRealm,
  496. &ClientName,
  497. &OldPassword,
  498. &NewPassword
  499. );
  500. }
  501. }
  502. else
  503. {
  504. DebugPrintf(SSPI_ERROR, "%s not supported\n", pszPackageName);
  505. Status DBGCHK = STATUS_NOT_SUPPORTED;
  506. }
  507. }
  509. if (NT_SUCCESS(Status))
  510. {
  511. DebugPrintf(SSPI_LOG, "Operation succeeded\n");
  512. }
  513. else
  514. {
  515. DebugPrintf(SSPI_ERROR, "Operation failed\n");
  516. }
  518. if (LogonHandle)
  519. {
  520. LsaDeregisterLogonProcess(LogonHandle);
  521. }
  523. RtlFreeUnicodeString(&ClientName);
  524. RtlFreeUnicodeString(&ClientRealm);
  525. RtlFreeUnicodeString(&OldPassword);
  526. RtlFreeUnicodeString(&NewPassword);
  527. }