|
Lines 334-349
static int password_hash_bypass(struct l
Link Here
|
| 334 |
"Primary:Packages missing"); |
336 |
"Primary:Packages missing"); |
| 335 |
} |
337 |
} |
| 336 |
|
338 |
|
| 337 |
if (scpk == NULL) { |
|
|
| 338 |
/* |
| 339 |
* If Primary:Kerberos is missing w2k8r2 reboots |
| 340 |
* when a password is changed. |
| 341 |
*/ |
| 342 |
return ldb_error(ldb, |
| 343 |
LDB_ERR_CONSTRAINT_VIOLATION, |
| 344 |
"Primary:Kerberos missing"); |
| 345 |
} |
| 346 |
|
| 347 |
if (scpp) { |
339 |
if (scpp) { |
| 348 |
struct package_PackagesBlob *p; |
340 |
struct package_PackagesBlob *p; |
| 349 |
uint32_t n; |
341 |
uint32_t n; |
|
Lines 407-440
static int password_hash_bypass(struct l
Link Here
|
| 407 |
"PrimaryKerberos strlen(salt) == 0"); |
399 |
"PrimaryKerberos strlen(salt) == 0"); |
| 408 |
} |
400 |
} |
| 409 |
|
401 |
|
| 410 |
if (k->ctr.ctr3.num_keys != 2) { |
|
|
| 411 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 412 |
"PrimaryKerberos num_keys != 2"); |
| 413 |
} |
| 414 |
|
| 415 |
if (k->ctr.ctr3.num_old_keys > k->ctr.ctr3.num_keys) { |
402 |
if (k->ctr.ctr3.num_old_keys > k->ctr.ctr3.num_keys) { |
| 416 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
403 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 417 |
"PrimaryKerberos num_old_keys > num_keys"); |
404 |
"PrimaryKerberos num_old_keys > num_keys"); |
| 418 |
} |
405 |
} |
| 419 |
|
406 |
|
| 420 |
if (k->ctr.ctr3.keys[0].keytype != ENCTYPE_DES_CBC_MD5) { |
|
|
| 421 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 422 |
"PrimaryKerberos key[0] != DES_CBC_MD5"); |
| 423 |
} |
| 424 |
if (k->ctr.ctr3.keys[1].keytype != ENCTYPE_DES_CBC_CRC) { |
| 425 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 426 |
"PrimaryKerberos key[1] != DES_CBC_CRC"); |
| 427 |
} |
| 428 |
|
| 429 |
if (k->ctr.ctr3.keys[0].value_len != 8) { |
| 430 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 431 |
"PrimaryKerberos key[0] value_len != 8"); |
| 432 |
} |
| 433 |
if (k->ctr.ctr3.keys[1].value_len != 8) { |
| 434 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 435 |
"PrimaryKerberos key[1] value_len != 8"); |
| 436 |
} |
| 437 |
|
| 438 |
for (i = 0; i < k->ctr.ctr3.num_old_keys; i++) { |
407 |
for (i = 0; i < k->ctr.ctr3.num_old_keys; i++) { |
| 439 |
if (k->ctr.ctr3.old_keys[i].keytype == |
408 |
if (k->ctr.ctr3.old_keys[i].keytype == |
| 440 |
k->ctr.ctr3.keys[i].keytype && |
409 |
k->ctr.ctr3.keys[i].keytype && |
|
Lines 442-447
static int password_hash_bypass(struct l
Link Here
|
| 442 |
k->ctr.ctr3.keys[i].value_len) { |
411 |
k->ctr.ctr3.keys[i].value_len) { |
| 443 |
continue; |
412 |
continue; |
| 444 |
} |
413 |
} |
|
|
414 |
if (k->ctr.ctr3.old_keys[i].keytype == DUMMY_NTHASH_KEYTYPE || |
| 415 |
k->ctr.ctr3.keys[i].keytype == DUMMY_NTHASH_KEYTYPE) { |
| 416 |
continue; |
| 417 |
} |
| 445 |
|
418 |
|
| 446 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
419 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 447 |
"PrimaryKerberos old_keys type/value_len doesn't match"); |
420 |
"PrimaryKerberos old_keys type/value_len doesn't match"); |
|
Lines 480-490
static int password_hash_bypass(struct l
Link Here
|
| 480 |
"KerberosNewerKeys strlen(salt) == 0"); |
453 |
"KerberosNewerKeys strlen(salt) == 0"); |
| 481 |
} |
454 |
} |
| 482 |
|
455 |
|
| 483 |
if (k->ctr.ctr4.num_keys != 4) { |
|
|
| 484 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 485 |
"KerberosNewerKeys num_keys != 2"); |
| 486 |
} |
| 487 |
|
| 488 |
if (k->ctr.ctr4.num_old_keys > k->ctr.ctr4.num_keys) { |
456 |
if (k->ctr.ctr4.num_old_keys > k->ctr.ctr4.num_keys) { |
| 489 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
457 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 490 |
"KerberosNewerKeys num_old_keys > num_keys"); |
458 |
"KerberosNewerKeys num_old_keys > num_keys"); |
|
Lines 495-517
static int password_hash_bypass(struct l
Link Here
|
| 495 |
"KerberosNewerKeys num_older_keys > num_old_keys"); |
463 |
"KerberosNewerKeys num_older_keys > num_old_keys"); |
| 496 |
} |
464 |
} |
| 497 |
|
465 |
|
| 498 |
if (k->ctr.ctr4.keys[0].keytype != ENCTYPE_AES256_CTS_HMAC_SHA1_96) { |
|
|
| 499 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 500 |
"KerberosNewerKeys key[0] != AES256"); |
| 501 |
} |
| 502 |
if (k->ctr.ctr4.keys[1].keytype != ENCTYPE_AES128_CTS_HMAC_SHA1_96) { |
| 503 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 504 |
"KerberosNewerKeys key[1] != AES128"); |
| 505 |
} |
| 506 |
if (k->ctr.ctr4.keys[2].keytype != ENCTYPE_DES_CBC_MD5) { |
| 507 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 508 |
"KerberosNewerKeys key[2] != DES_CBC_MD5"); |
| 509 |
} |
| 510 |
if (k->ctr.ctr4.keys[3].keytype != ENCTYPE_DES_CBC_CRC) { |
| 511 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 512 |
"KerberosNewerKeys key[3] != DES_CBC_CRC"); |
| 513 |
} |
| 514 |
|
| 515 |
if (k->ctr.ctr4.keys[0].value_len != 32) { |
466 |
if (k->ctr.ctr4.keys[0].value_len != 32) { |
| 516 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
467 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 517 |
"KerberosNewerKeys key[0] value_len != 32"); |
468 |
"KerberosNewerKeys key[0] value_len != 32"); |
|
Lines 524-530
static int password_hash_bypass(struct l
Link Here
|
| 524 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
475 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 525 |
"KerberosNewerKeys key[2] value_len != 8"); |
476 |
"KerberosNewerKeys key[2] value_len != 8"); |
| 526 |
} |
477 |
} |
| 527 |
if (k->ctr.ctr4.keys[3].value_len != 8) { |
478 |
if (k->ctr.ctr4.keys[3].value_len != 8 && |
|
|
479 |
k->ctr.ctr4.keys[3].keytype == ENCTYPE_DES_CBC_CRC) { |
| 528 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
480 |
return ldb_error(ldb, LDB_ERR_CONSTRAINT_VIOLATION, |
| 529 |
"KerberosNewerKeys key[3] value_len != 8"); |
481 |
"KerberosNewerKeys key[3] value_len != 8"); |
| 530 |
} |
482 |
} |