Diffstat (limited to 'misc/chntpw/patches')
-rw-r--r--misc/chntpw/patches/chntpw-080526-correct-test-for-failing-open-syscall.patch75
-rw-r--r--misc/chntpw/patches/chntpw-110511-detect-failure-to-write-key.patch19
-rw-r--r--misc/chntpw/patches/chntpw-110511-reged-no-deref-null.patch15
-rw-r--r--misc/chntpw/patches/chntpw-110511-robustness.patch39
-rw-r--r--misc/chntpw/patches/chntpw-140201-fix-bogus-errno-use.patch34
-rw-r--r--misc/chntpw/patches/chntpw-140201-get_abs_path.patch10
-rw-r--r--misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch195
7 files changed, 387 insertions, 0 deletions
diff --git a/misc/chntpw/patches/chntpw-080526-correct-test-for-failing-open-syscall.patch b/misc/chntpw/patches/chntpw-080526-correct-test-for-failing-open-syscall.patch
new file mode 100644
index 0000000000..3c68146b09
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-080526-correct-test-for-failing-open-syscall.patch
@@ -0,0 +1,75 @@
+From jim@meyering.net Mon Jul 20 20:05:55 2009
+Return-Path: jim@meyering.net
+X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on amd.home.annexia.org
+X-Spam-Level:
+X-Spam-Status: No, score=-2.2 required=5.0 tests=AWL,BAYES_00,
+ UNPARSEABLE_RELAY autolearn=ham version=3.2.5
+Received: from mail.corp.redhat.com [10.5.5.51]
+ by amd.home.annexia.org with IMAP (fetchmail-6.3.8)
+ for <rjones@localhost> (single-drop); Mon, 20 Jul 2009 20:05:55 +0100 (BST)
+Received: from zmta03.collab.prod.int.phx2.redhat.com (LHLO
+ zmta03.collab.prod.int.phx2.redhat.com) (10.5.5.33) by
+ mail06.corp.redhat.com with LMTP; Mon, 20 Jul 2009 15:05:47 -0400 (EDT)
+Received: from localhost (localhost.localdomain [127.0.0.1])
+ by zmta03.collab.prod.int.phx2.redhat.com (Postfix) with ESMTP id 2C1134E4EB
+ for <rjones@redhat.com>; Mon, 20 Jul 2009 15:05:47 -0400 (EDT)
+Received: from zmta03.collab.prod.int.phx2.redhat.com ([127.0.0.1])
+ by localhost (zmta03.collab.prod.int.phx2.redhat.com [127.0.0.1]) (amavisd-new, port 10024)
+ with ESMTP id a7N9dvNRkYQB for <rjones@redhat.com>;
+ Mon, 20 Jul 2009 15:05:47 -0400 (EDT)
+Received: from int-mx2.corp.redhat.com (int-mx2.corp.redhat.com [172.16.27.26])
+ by zmta03.collab.prod.int.phx2.redhat.com (Postfix) with ESMTP id 034384E4D6
+ for <rjones@mail.corp.redhat.com>; Mon, 20 Jul 2009 15:05:46 -0400 (EDT)
+Received: from ns3.rdu.redhat.com (ns3.rdu.redhat.com [10.11.255.199])
+ by int-mx2.corp.redhat.com (8.13.1/8.13.1) with ESMTP id n6KJ5kIt032703
+ for <rjones@int-mx2.corp.redhat.com>; Mon, 20 Jul 2009 15:05:46 -0400
+Received: from mx.meyering.net (sebastian-int.corp.redhat.com [172.16.52.221])
+ by ns3.rdu.redhat.com (8.13.8/8.13.8) with ESMTP id n6KJ5jf3021050
+ for <rjones@redhat.com>; Mon, 20 Jul 2009 15:05:45 -0400
+Received: by rho.meyering.net (Acme Bit-Twister, from userid 1000)
+ id D674638154; Mon, 20 Jul 2009 21:05:44 +0200 (CEST)
+From: Jim Meyering <jim@meyering.net>
+To: "Richard W. M. Jones" <rjones@redhat.com>
+Subject: chntpw [PATCH] correct test for failing "open" syscall
+Date: Mon, 20 Jul 2009 21:05:44 +0200
+Message-ID: <878wij899z.fsf@meyering.net>
+MIME-Version: 1.0
+Content-Type: text/plain; charset=us-ascii
+X-Scanned-By: MIMEDefang 2.58 on 172.16.27.26
+Status: RO
+Content-Length: 1103
+Lines: 33
+
+This one is weird.
+It must be code that is never exercised,
+since the existing code is totally bogus.
+The condition, !open(...), will almost always be true.
+(sole exception is when starting a program with stdin
+initially closed)
+
+>From bc4cddb06cf13c189fbdc93e6962cad072779097 Mon Sep 17 00:00:00 2001
+From: Jim Meyering <meyering@redhat.com>
+Date: Mon, 20 Jul 2009 14:59:19 -0400
+Subject: [PATCH] correct test for failing "open" syscall
+
+* ntreg.c (writeHive): Test open() < 0, not !open().
+---
+ ntreg.c | 2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/ntreg.c b/ntreg.c
+index be6b680..21cd3e3 100644
+--- a/ntreg.c
++++ b/ntreg.c
+@@ -2765,7 +2765,7 @@ int writeHive(struct hive *hdesc)
+ if ( !(hdesc->state & HMODE_DIRTY)) return(0);
+
+ if ( !(hdesc->state & HMODE_OPEN)) { /* File has been closed */
+- if (!(hdesc->filedesc = open(hdesc->filename,O_RDWR))) {
++ if ((hdesc->filedesc = open(hdesc->filename,O_RDWR)) < 0) {
+ fprintf(stderr,"writeHive: open(%s) failed: %s, FILE NOT WRITTEN!\n",hdesc->filename,strerror(errno));
+ return(1);
+ }
+--
+1.6.2.5
+
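Review bot: This patch file is stored as the raw mailbox message, so the `Received:`, `X-Spam-*` and `X-Scanned-By:` headers at the top of the hunk publish internal mail-relay host names and private addresses that have nothing to do with the fix. Keeping only the part from the `>From bc4cddb…` line down (the `git format-patch` output with its `From:`, `Date:` and `Subject:` lines), plus the short explanation above it, would preserve the provenance without the routing data. No comment is needed on the one-line code change in writeHive.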
diff --git a/misc/chntpw/patches/chntpw-110511-detect-failure-to-write-key.patch b/misc/chntpw/patches/chntpw-110511-detect-failure-to-write-key.patch
new file mode 100644
index 0000000000..818639d83a
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-110511-detect-failure-to-write-key.patch
@@ -0,0 +1,19 @@
+diff -ur chntpw-110511.orig/ntreg.c chntpw-110511/ntreg.c
+--- chntpw-110511.orig/ntreg.c 2011-05-11 12:33:56.000000000 -0700
++++ chntpw-110511/ntreg.c 2011-11-01 13:45:02.550421729 -0700
+@@ -3389,7 +3389,14 @@
+
+ fprintf(file,"\r\n"); /* Must end file with an empty line, windows does that */
+
+- fclose(file);
++ if (ferror (file)) {
++ printf("failed to write file '%s'\n", filename);
++ fclose (file);
++ return;
++ }
++ if (fclose(file))
++ printf("failed to write file '%s': %s\n", filename,
++ strerror(errno));
+ }
+
+ /* ================================================================ */
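Review bot: The failure reports added in the `ferror`/`fclose` branches go to stdout through `printf`, and the function still ends with a bare `return;`, so neither a caller nor a script driving the tool can tell a truncated export from a complete one. Sending them to stderr, e.g. `fprintf(stderr, "failed to write file '%s'\n", filename);`, would match how writeHive in the same file reports its open failure. Propagating a status would need a signature change, which is outside this hunk. The enclosing function starts above the hunk, so its void return type is inferred from the `return;`.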
diff --git a/misc/chntpw/patches/chntpw-110511-reged-no-deref-null.patch b/misc/chntpw/patches/chntpw-110511-reged-no-deref-null.patch
new file mode 100644
index 0000000000..0193cd4937
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-110511-reged-no-deref-null.patch
@@ -0,0 +1,15 @@
+diff -ur chntpw-110511.orig/reged.c chntpw-110511/reged.c
+--- chntpw-110511.orig/reged.c 2011-05-11 12:33:56.000000000 -0700
++++ chntpw-110511/reged.c 2011-11-01 13:46:55.569625286 -0700
+@@ -167,6 +167,11 @@
+
+ if (edit) { /* Call editor. Rest of arguments are considered hives to load */
+ hivename = argv[optind+no_hives];
++ if (!hivename) {
++ fprintf(stderr,"with -e you must specify at least one hive file name\n");
++ usage();
++ exit(1);
++ }
+ do {
+ if (!(hive[no_hives] = openHive(hivename,
+ HMODE_RW|mode))) {
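Review bot: The new `!hivename` test works only because `argv[argc]` is NULL, which holds as long as `optind+no_hives` never exceeds `argc`. Comparing the index with the argument count states the intent directly and does not depend on that, e.g. `if (optind+no_hives >= argc) {`, assuming `argc` is in scope here (the function header is above the hunk). The `do` loop that follows continues past the end of the hunk, so whether later iterations and the `hive[no_hives]` index are bounded the same way cannot be confirmed from here.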
diff --git a/misc/chntpw/patches/chntpw-110511-robustness.patch b/misc/chntpw/patches/chntpw-110511-robustness.patch
new file mode 100644
index 0000000000..ea2363f343
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-110511-robustness.patch
@@ -0,0 +1,39 @@
+--- chntpw-110511.orig/ntreg.c 2011-05-11 12:33:56.000000000 -0700
++++ chntpw-110511/ntreg.c 2011-12-18 17:09:06.290818997 -0800
+@@ -190,14 +190,18 @@
+
+ int fmyinput(char *prmpt, char *ibuf, int maxlen)
+ {
+-
++ int len;
+ printf("%s",prmpt);
+
+ fgets(ibuf,maxlen+1,stdin);
++ len = strlen(ibuf);
+
+- ibuf[strlen(ibuf)-1] = 0;
++ if (len) {
++ ibuf[len-1] = 0;
++ --len;
++ }
+
+- return(strlen(ibuf));
++ return len;
+ }
+
+ /* Print len number of hexbytes */
+@@ -4119,6 +4123,14 @@
+ closeHive(hdesc);
+ return(NULL);
+ }
++
++ if (r < sizeof (*hdesc)) {
++ fprintf(stderr,
++ "file is too small; got %d bytes while expecting %d or more\n",
++ r, sizeof (*hdesc));
++ closeHive(hdesc);
++ return(NULL);
++ }
+
+ /* Now run through file, tallying all pages */
+ /* NOTE/KLUDGE: Assume first page starts at offset 0x1000 */
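Review bot: In fmyinput the result of `fgets(ibuf,maxlen+1,stdin)` is still ignored, so at end of input or on a read error `strlen(ibuf)` runs over whatever the caller's buffer held before the call, possibly uninitialised bytes. Checking it first closes that gap: `if (!fgets(ibuf,maxlen+1,stdin)) { ibuf[0] = 0; return 0; }`. The `ibuf[len-1] = 0` that follows also drops a real character when the line was cut at `maxlen` and carries no newline; testing `ibuf[len-1] == '\n'` before trimming avoids that. The `maxlen+1` size means every caller must supply a buffer of at least `maxlen+1` bytes, which deserves a comment on the function.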
diff --git a/misc/chntpw/patches/chntpw-140201-fix-bogus-errno-use.patch b/misc/chntpw/patches/chntpw-140201-fix-bogus-errno-use.patch
new file mode 100644
index 0000000000..ff7c8467b7
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-140201-fix-bogus-errno-use.patch
@@ -0,0 +1,34 @@
+diff -u chntpw-140201.orig/ntreg.c chntpw-140201/ntreg.c
+--- chntpw-140201.orig/ntreg.c 2019-06-22 13:09:59.583717369 -0700
++++ chntpw-140201/ntreg.c 2019-06-22 13:16:26.714726148 -0700
+@@ -4241,10 +4241,13 @@
+ do { /* On some platforms read may not block, and read in chunks. handle that */
+ r = read(hdesc->filedesc, hdesc->buffer + rt, hdesc->size - rt);
+ rt += r;
+- } while ( !errno && (rt < hdesc->size) );
++ } while ( r > 0 && (rt < hdesc->size) );
+
+- if (errno) {
+- perror("openHive(): read error: ");
++ if (r <= 0) {
++ if (r < 0)
++ perror("openHive(): read error");
++ else
++ fprintf(stderr, "openHive(): read error: unexpected EOF\n");
+ closeHive(hdesc);
+ return(NULL);
+ }
+@@ -4255,10 +4258,10 @@
+ return(NULL);
+ }
+
+- if (r < sizeof (*hdesc)) {
++ if (rt < sizeof (*hdesc)) {
+ fprintf(stderr,
+- "file is too small; got %d bytes while expecting %d or more\n",
+- r, sizeof (*hdesc));
++ "file is too small; got %d bytes while expecting %zu or more\n",
++ rt, sizeof (*hdesc));
+ closeHive(hdesc);
+ return(NULL);
+ }
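Review bot: `rt += r` in the read loop runs before `r` is examined, so a failing `read()` subtracts one from the running total, and a call interrupted by a signal (`errno == EINTR`) is reported as a fatal read error instead of being retried. Accumulating only on success with `if (r > 0) rt += r;` and looping again when `r < 0 && errno == EINTR` would cover both. Further down, `rt < sizeof (*hdesc)` compares a value printed with `%d` against a `size_t`; this is safe only because the negative case has already returned, which is worth a one-line comment. The loop and both checks sit inside openHive, whose start and end are outside the hunk.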
diff --git a/misc/chntpw/patches/chntpw-140201-get_abs_path.patch b/misc/chntpw/patches/chntpw-140201-get_abs_path.patch
new file mode 100644
index 0000000000..c9f1a3decc
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-140201-get_abs_path.patch
@@ -0,0 +1,10 @@
+--- chntpw-140201/ntreg.c.orig 2014-02-01 08:54:37.000000000 -0800
++++ chntpw-140201/ntreg.c 2018-07-02 16:10:39.625152640 -0700
+@@ -1511,6 +1511,7 @@
+ }
+
+ strncpy(tmp,path,ABSPATHLEN-1);
++ tmp[ABSPATHLEN-1] = '\0';
+
+ if (key->type & 0x20)
+ keyname = mem_str(key->keyname, key->len_name);
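Review bot: The added terminator makes `tmp` a valid string, but a `path` of `ABSPATHLEN-1` bytes or more is still cut silently and the code below continues with the shortened value. If the function has an error return, rejecting the over-long input is safer than truncating. Otherwise the choice should at least be recorded, e.g. `/* strncpy leaves tmp unterminated when path fills it; truncation is accepted here */`. This assumes `tmp` is declared with at least `ABSPATHLEN` bytes; the declaration is above the hunk.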
diff --git a/misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch b/misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch
new file mode 100644
index 0000000000..305cd780bd
--- /dev/null
+++ b/misc/chntpw/patches/chntpw-140201-port-to-gcrypt-debian.patch
@@ -0,0 +1,195 @@
+diff -Naur chntpw-140201.orig/Makefile chntpw-140201/Makefile
+--- chntpw-140201.orig/Makefile 2014-02-01 17:54:37.000000000 +0100
++++ chntpw-140201/Makefile 2021-04-04 19:25:52.517404000 +0200
+@@ -1,32 +1,14 @@
+ #
+ # Makefile for the Offline NT Password Editor
+ #
+-#
+-# Change here to point to the needed OpenSSL libraries & .h files
+-# See INSTALL for more info.
+-#
+-
+-#SSLPATH=/usr/local/ssl
+-OSSLPATH=/usr
+-OSSLINC=$(OSSLPATH)/include
+
+ CC=gcc
++CFLAGS=-DUSELIBGCRYPT -g -I. $(shell libgcrypt-config --cflags) -Wall $(EXTRA_CFLAGS)
+
+-# Force 32 bit
+-CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall -m32
+-OSSLLIB=$(OSSLPATH)/lib
+-
+-# 64 bit if default for compiler setup
+-#CFLAGS= -DUSEOPENSSL -g -I. -I$(OSSLINC) -Wall
+-#OSSLLIB=$(OSSLPATH)/lib64
+-
+-
+-# This is to link with whatever we have, SSL crypto lib we put in static
+-#LIBS=-L$(OSSLLIB) $(OSSLLIB)/libcrypto.a
+-LIBS=-L$(OSSLLIB)
++LIBS=$(shell libgcrypt-config --libs)
+
+
+-all: chntpw chntpw.static cpnt reged reged.static samusrgrp samusrgrp.static sampasswd sampasswd.static
++all: chntpw cpnt reged samusrgrp sampasswd
+
+ chntpw: chntpw.o ntreg.o edlib.o libsam.o
+ $(CC) $(CFLAGS) -o chntpw chntpw.o ntreg.o edlib.o libsam.o $(LIBS)
+diff -Naur chntpw-140201.orig/chntpw.c chntpw-140201/chntpw.c
+--- chntpw-140201.orig/chntpw.c 2014-02-01 17:54:37.000000000 +0100
++++ chntpw-140201/chntpw.c 2021-04-04 19:24:37.185404000 +0200
+@@ -16,6 +16,7 @@
+ * 2010-jun: Syskey not visible in menu, but is selectable (2)
+ * 2010-apr: Interactive menu adapts to show most relevant
+ * selections based on what is loaded
++ * 2008-may: port to libgcrypt to avoid GPL/OpenSSL incompatibility [Debian]
+ * 2008-mar: Minor other tweaks
+ * 2008-mar: Interactive reg ed moved out of this file, into edlib.c
+ * 2008-mar: 64 bit compatible patch by Mike Doty, via Alon Bar-Lev
+@@ -79,8 +80,14 @@
+ */
+
+ #ifdef DOCRYPTO
++#if defined(USEOPENSSL)
+ #include <openssl/des.h>
+ #include <openssl/md4.h>
++#elif defined(USELIBGCRYPT)
++ #include <gcrypt.h>
++#else
++ #error No DES encryption and MD4 hashing library found
++#endif
+ #endif
+
+ #define uchar u_char
+@@ -155,7 +162,9 @@
+ for (i=0;i<8;i++) {
+ key[i] = (key[i]<<1);
+ }
++#if defined(USEOPENSSL)
+ DES_set_odd_parity((des_cblock *)key);
++#endif
+ }
+
+ /*
+@@ -200,6 +209,7 @@
+
+ void E1(uchar *k, uchar *d, uchar *out)
+ {
++#if defined(USEOPENSSL)
+ des_key_schedule ks;
+ des_cblock deskey;
+
+@@ -210,6 +220,15 @@
+ des_set_key((des_cblock *)deskey,ks);
+ #endif /* __FreeBsd__ */
+ des_ecb_encrypt((des_cblock *)d,(des_cblock *)out, ks, DES_ENCRYPT);
++#elif defined(USELIBGCRYPT)
++ gcry_cipher_hd_t ks;
++ uchar deskey[8];
++ str_to_key(k,deskey);
++ gcry_cipher_open(&ks, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0);
++ gcry_cipher_setkey(ks, deskey, 8);
++ gcry_cipher_encrypt(ks, out, 8, d, 8);
++ gcry_cipher_close(ks);
++#endif
+ }
+
+ #endif /* DOCRYPTO */
+@@ -343,9 +362,16 @@
+ int i;
+ char md4[32],lanman[32];
+ char newunipw[34], despw[20], newlanpw[16], newlandes[20];
++#ifdef USEOPENSSL
+ des_key_schedule ks1, ks2;
+ des_cblock deskey1, deskey2;
+ MD4_CTX context;
++#elif defined(USELIBGCRYPT)
++ gcry_cipher_hd_t ks1, ks2;
++ uchar deskey1[8], deskey2[8];
++ unsigned char *p;
++ gcry_md_hd_t context;
++#endif
+ unsigned char digest[16];
+ uchar x1[] = {0x4B,0x47,0x53,0x21,0x40,0x23,0x24,0x25};
+ #endif
+@@ -460,6 +486,7 @@
+ }
+
+ #ifdef DOCRYPTO
++#if defined(USEOPENSSL)
+ /* Get the two decrpt keys. */
+ sid_to_key1(rid,(unsigned char *)deskey1);
+ des_set_key((des_cblock *)deskey1,ks1);
+@@ -477,6 +504,25 @@
+ (des_cblock *)lanman, ks1, DES_DECRYPT);
+ des_ecb_encrypt((des_cblock *)(vp+lmpw_offs + 8),
+ (des_cblock *)&lanman[8], ks2, DES_DECRYPT);
++#elif defined(USELIBGCRYPT)
++ /* Start the keys */
++ gcry_cipher_open(&ks1, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0);
++ gcry_cipher_open(&ks2, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_ECB, 0);
++
++ /* Get the two decrpt keys. */
++ sid_to_key1(rid,deskey1);
++ gcry_cipher_setkey(ks1, deskey1, 8);
++ sid_to_key2(rid,deskey2);
++ gcry_cipher_setkey(ks2, deskey2, 8);
++
++ /* Decrypt the NT md4 password hash as two 8 byte blocks. */
++ gcry_cipher_decrypt(ks1, md4, 8, vp+ntpw_offs, 8);
++ gcry_cipher_decrypt(ks2, &md4[8], 8, vp+ntpw_offs+8, 8);
++
++ /* Decrypt the lanman password hash as two 8 byte blocks. */
++ gcry_cipher_decrypt(ks1, lanman, 8, vp+lmpw_offs, 8);
++ gcry_cipher_decrypt(ks2, &lanman[8], 8, vp+lmpw_offs+8, 8);
++#endif
+
+ if (gverbose) {
+ hexprnt("MD4 hash : ",(unsigned char *)md4,16);
+@@ -544,9 +590,17 @@
+
+ /* printf("Ucase Lanman: %s\n",newlanpw); */
+
++#if defined(USEOPENSSL)
+ MD4Init (&context);
+ MD4Update (&context, newunipw, pl<<1);
+ MD4Final (digest, &context);
++#elif defined(USELIBGCRYPT)
++ gcry_md_open(&context, GCRY_MD_MD4, 0);
++ gcry_md_write(context, newunipw, pl<<1);
++ p = gcry_md_read(context, GCRY_MD_MD4);
++ if(p) memcpy(digest, p, gcry_md_get_algo_dlen(GCRY_MD_MD4));
++ gcry_md_close(context);
++#endif
+
+ if (gverbose) hexprnt("\nNEW MD4 hash : ",digest,16);
+
+@@ -555,6 +609,7 @@
+
+ if (gverbose) hexprnt("NEW LANMAN hash : ",(unsigned char *)lanman,16);
+
++#if defined(USEOPENSSL)
+ /* Encrypt the NT md4 password hash as two 8 byte blocks. */
+ des_ecb_encrypt((des_cblock *)digest,
+ (des_cblock *)despw, ks1, DES_ENCRYPT);
+@@ -565,6 +620,18 @@
+ (des_cblock *)newlandes, ks1, DES_ENCRYPT);
+ des_ecb_encrypt((des_cblock *)(lanman+8),
+ (des_cblock *)&newlandes[8], ks2, DES_ENCRYPT);
++#elif defined(USELIBGCRYPT)
++ /* Encrypt the NT md4 password hash as two 8 byte blocks. */
++ gcry_cipher_encrypt(ks1, despw, 8, digest, 8);
++ gcry_cipher_encrypt(ks2, &despw[8], 8, digest+8, 8);
++
++ gcry_cipher_encrypt(ks1, newlandes, 8, lanman, 8);
++ gcry_cipher_encrypt(ks2, &newlandes[8], 8, lanman+8, 8);
++
++ /* Close keys, not needed after this */
++ gcry_cipher_close(ks1);
++ gcry_cipher_close(ks2);
++#endif
+
+ if (gverbose) {
+ hexprnt("NEW DES crypt : ",(unsigned char *)despw,16);
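Review bot: None of the libgcrypt calls added to chntpw.c has its return value checked: `gcry_cipher_open`, `gcry_cipher_setkey`, `gcry_cipher_encrypt`/`gcry_cipher_decrypt` and `gcry_md_open`, both in `E1` and in the password-change routine. If one fails, `md4`, `lanman`, `despw` and `newlandes` keep whatever was on the stack, and `if(p) memcpy(digest, ...)` likewise leaves `digest` unset when `gcry_md_read` returns NULL. Those buffers are then printed and presumably written back into the hive outside this hunk. Each call should be tested and the change abandoned before anything is stored, e.g. `if (gcry_cipher_setkey(ks1, deskey1, 8)) { /* report and bail out */ }`. Note that `setkey` can return an error for DES keys libgcrypt classifies as weak. The patch also adds no `gcry_check_version()` call, which libgcrypt expects before first use, and `ks1`/`ks2` are closed only on the path that reaches the re-encryption block, so earlier exits from that routine would leak the handles; the surrounding function body is not fully visible here.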