1/* 2 Unix SMB/CIFS implementation. 3 Password and authentication handling 4 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2001-2004 5 Copyright (C) Gerald Carter 2003 6 Copyright (C) Luke Kenneth Casson Leighton 1996-2000 7 8 This program is free software; you can redistribute it and/or modify 9 it under the terms of the GNU General Public License as published by 10 the Free Software Foundation; either version 3 of the License, or 11 (at your option) any later version. 12 13 This program is distributed in the hope that it will be useful, 14 but WITHOUT ANY WARRANTY; without even the implied warranty of 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 GNU General Public License for more details. 17 18 You should have received a copy of the GNU General Public License 19 along with this program. If not, see <http://www.gnu.org/licenses/>. 20*/ 21 22 23/** 24 * Compare password hashes against those from the SAM 25 * 26 * @param mem_ctx talloc context 27 * @param client_lanman LANMAN password hash, as supplied by the client 28 * @param client_nt NT (MD4) password hash, as supplied by the client 29 * @param username internal Samba username, for log messages 30 * @param client_username username the client used 31 * @param client_domain domain name the client used (may be mapped) 32 * @param stored_lanman LANMAN password hash, as stored on the SAM 33 * @param stored_nt NT (MD4) password hash, as stored on the SAM 34 * @param user_sess_key User session key 35 * @param lm_sess_key LM session key (first 8 bytes of the LM hash) 36 */ 37 38NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx, 39 bool lanman_auth, 40 const struct samr_Password *client_lanman, 41 const struct samr_Password *client_nt, 42 const char *username, 43 const struct samr_Password *stored_lanman, 44 const struct samr_Password *stored_nt); 45 46/** 47 * Check a challenge-response password against the value of the NT or 48 * LM password hash. 49 * 50 * @param mem_ctx talloc context 51 * @param challenge 8-byte challenge. If all zero, forces plaintext comparison 52 * @param nt_response 'unicode' NT response to the challenge, or unicode password 53 * @param lm_response ASCII or LANMAN response to the challenge, or password in DOS code page 54 * @param username internal Samba username, for log messages 55 * @param client_username username the client used 56 * @param client_domain domain name the client used (may be mapped) 57 * @param stored_lanman LANMAN ASCII password from our passdb or similar 58 * @param stored_nt MD4 unicode password from our passdb or similar 59 * @param user_sess_key User session key 60 * @param lm_sess_key LM session key (first 8 bytes of the LM hash) 61 */ 62 63NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx, 64 bool lanman_auth, 65 bool ntlm_auth, 66 uint32_t logon_parameters, 67 const DATA_BLOB *challenge, 68 const DATA_BLOB *lm_response, 69 const DATA_BLOB *nt_response, 70 const char *username, 71 const char *client_username, 72 const char *client_domain, 73 const struct samr_Password *stored_lanman, 74 const struct samr_Password *stored_nt, 75 DATA_BLOB *user_sess_key, 76 DATA_BLOB *lm_sess_key); 77