diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2011-12-27 21:30:49 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2011-12-28 22:39:19 +1100 |
| commit | 1baf91639919a96d305196da03e38097ed6ba46f (patch) | |
| tree | b351e41601f29e05b0fbd18c9a769a6be02adcf6 | |
| parent | cfb9a9d650a0217eaa751963f055f8cdd7aa3392 (diff) | |
| download | samba-1baf91639919a96d305196da03e38097ed6ba46f.tar.gz samba-1baf91639919a96d305196da03e38097ed6ba46f.tar.bz2 samba-1baf91639919a96d305196da03e38097ed6ba46f.zip | |
credentials: Always honour the return value of E_deshash()
When this returns false, the hash value is not correct as the password
could not be converted into an uppercase, 14 char or less ASCII string.
Andrew Bartlett
| -rw-r--r-- | auth/credentials/credentials_ntlm.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/auth/credentials/credentials_ntlm.c b/auth/credentials/credentials_ntlm.c index 7f4af4f08c..2d6d6f6c55 100644 --- a/auth/credentials/credentials_ntlm.c +++ b/auth/credentials/credentials_ntlm.c @@ -174,8 +174,7 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred lm_response = nt_response; /* LM Key is incompatible with 'long' passwords */ *flags &= ~CLI_CRED_LANMAN_AUTH; - } else { - E_deshash(password, lm_hash); + } else if (E_deshash(password, lm_hash)) { lm_session_key = data_blob_talloc(mem_ctx, NULL, 16); memcpy(lm_session_key.data, lm_hash, 8); memset(&lm_session_key.data[8], '\0', 8); @@ -193,8 +192,7 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred *flags &= ~CLI_CRED_LANMAN_AUTH; password = cli_credentials_get_password(cred); - if (password) { - E_deshash(password, lm_hash); + if (password && E_deshash(password, lm_hash)) { lm_session_key = data_blob_talloc(mem_ctx, NULL, 16); memcpy(lm_session_key.data, lm_hash, 8); memset(&lm_session_key.data[8], '\0', 8); |