diff options
author | Jeremy Allison <jra@samba.org> | 1998-05-21 23:50:16 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 1998-05-21 23:50:16 +0000 |
commit | 35c65576f71bb95f1bda5909c3a3cf32665a0dd4 (patch) | |
tree | 06f054d1c2acfe53a9d4e6affe8037d081ba2798 | |
parent | cbb1ef38b5bee7dddf4cfaad7ef69792ec003d8d (diff) | |
download | samba-35c65576f71bb95f1bda5909c3a3cf32665a0dd4.tar.gz samba-35c65576f71bb95f1bda5909c3a3cf32665a0dd4.tar.bz2 samba-35c65576f71bb95f1bda5909c3a3cf32665a0dd4.zip |
printing.c: Fixed overflow by one problem in LPRng.
reply.c: Fixed password length modifiers to always be done
is none-encrypted mode used. This fixes Samba for
people who are using non-encrypted passwords with
security=server.
Jeremy.
(This used to be commit 720b565349e3467bd81d6d863b9ac54237edd3cf)
-rw-r--r-- | source3/printing/printing.c | 4 | ||||
-rw-r--r-- | source3/smbd/reply.c | 32 |
2 files changed, 19 insertions, 17 deletions
diff --git a/source3/printing/printing.c b/source3/printing/printing.c index 1ffe9d00a9..2b9c0c7199 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -286,12 +286,12 @@ static time_t LPRng_time(fstring tok[],int pos) { time_t jobtime; struct tm *t; - char tmp_time[9]; + fstring tmp_time; jobtime = time(NULL); /* default case: take current time */ t = localtime(&jobtime); t->tm_hour = atoi(tok[pos]); - StrnCpy(tmp_time,tok[pos],sizeof(tmp_time)); + fstrcpy(tmp_time,tok[pos]); t->tm_min = atoi(tmp_time+3); t->tm_sec = atoi(tmp_time+6); jobtime = mktime(t); diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 4cde83cefe..5ed30a7e8f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -516,6 +516,23 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) passlen1 = MIN(passlen1, MAX_PASS_LEN); passlen2 = MIN(passlen2, MAX_PASS_LEN); + if(!doencrypt) { + /* both Win95 and WinNT stuff up the password lengths for + non-encrypting systems. Uggh. + + if passlen1==24 its a win95 system, and its setting the + password length incorrectly. Luckily it still works with the + default code because Win95 will null terminate the password + anyway + + if passlen1>0 and passlen2>0 then maybe its a NT box and its + setting passlen2 to some random value which really stuffs + things up. we need to fix that one. */ + + if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 && passlen2 != 1) + passlen2 = 0; + } + if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; @@ -525,21 +542,6 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); smb_ntpasswd[smb_ntpasslen] = 0; } else { - /* both Win95 and WinNT stuff up the password lengths for - non-encrypting systems. Uggh. - - if passlen1==24 its a win95 system, and its setting the - password length incorrectly. Luckily it still works with the - default code because Win95 will null terminate the password - anyway - - if passlen1>0 and passlen2>0 then maybe its a NT box and its - setting passlen2 to some random value which really stuffs - things up. we need to fix that one. */ - if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 && - passlen2 != 1) { - passlen2 = 0; - } /* we use the first password that they gave */ smb_apasslen = passlen1; StrnCpy(smb_apasswd,p,smb_apasslen); |