summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>1998-05-21 23:50:16 +0000
committerJeremy Allison <jra@samba.org>1998-05-21 23:50:16 +0000
commit35c65576f71bb95f1bda5909c3a3cf32665a0dd4 (patch)
tree06f054d1c2acfe53a9d4e6affe8037d081ba2798
parentcbb1ef38b5bee7dddf4cfaad7ef69792ec003d8d (diff)
downloadsamba-35c65576f71bb95f1bda5909c3a3cf32665a0dd4.tar.gz
samba-35c65576f71bb95f1bda5909c3a3cf32665a0dd4.tar.bz2
samba-35c65576f71bb95f1bda5909c3a3cf32665a0dd4.zip
printing.c: Fixed overflow by one problem in LPRng.
reply.c: Fixed password length modifiers to always be done is none-encrypted mode used. This fixes Samba for people who are using non-encrypted passwords with security=server. Jeremy. (This used to be commit 720b565349e3467bd81d6d863b9ac54237edd3cf)
-rw-r--r--source3/printing/printing.c4
-rw-r--r--source3/smbd/reply.c32
2 files changed, 19 insertions, 17 deletions
diff --git a/source3/printing/printing.c b/source3/printing/printing.c
index 1ffe9d00a9..2b9c0c7199 100644
--- a/source3/printing/printing.c
+++ b/source3/printing/printing.c
@@ -286,12 +286,12 @@ static time_t LPRng_time(fstring tok[],int pos)
{
time_t jobtime;
struct tm *t;
- char tmp_time[9];
+ fstring tmp_time;
jobtime = time(NULL); /* default case: take current time */
t = localtime(&jobtime);
t->tm_hour = atoi(tok[pos]);
- StrnCpy(tmp_time,tok[pos],sizeof(tmp_time));
+ fstrcpy(tmp_time,tok[pos]);
t->tm_min = atoi(tmp_time+3);
t->tm_sec = atoi(tmp_time+6);
jobtime = mktime(t);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 4cde83cefe..5ed30a7e8f 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -516,6 +516,23 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
passlen1 = MIN(passlen1, MAX_PASS_LEN);
passlen2 = MIN(passlen2, MAX_PASS_LEN);
+ if(!doencrypt) {
+ /* both Win95 and WinNT stuff up the password lengths for
+ non-encrypting systems. Uggh.
+
+ if passlen1==24 its a win95 system, and its setting the
+ password length incorrectly. Luckily it still works with the
+ default code because Win95 will null terminate the password
+ anyway
+
+ if passlen1>0 and passlen2>0 then maybe its a NT box and its
+ setting passlen2 to some random value which really stuffs
+ things up. we need to fix that one. */
+
+ if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 && passlen2 != 1)
+ passlen2 = 0;
+ }
+
if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) {
/* Save the lanman2 password and the NT md4 password. */
smb_apasslen = passlen1;
@@ -525,21 +542,6 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen);
smb_ntpasswd[smb_ntpasslen] = 0;
} else {
- /* both Win95 and WinNT stuff up the password lengths for
- non-encrypting systems. Uggh.
-
- if passlen1==24 its a win95 system, and its setting the
- password length incorrectly. Luckily it still works with the
- default code because Win95 will null terminate the password
- anyway
-
- if passlen1>0 and passlen2>0 then maybe its a NT box and its
- setting passlen2 to some random value which really stuffs
- things up. we need to fix that one. */
- if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 &&
- passlen2 != 1) {
- passlen2 = 0;
- }
/* we use the first password that they gave */
smb_apasslen = passlen1;
StrnCpy(smb_apasswd,p,smb_apasslen);