diff options
author | Jeremy Allison <jra@samba.org> | 2003-10-24 01:19:23 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2003-10-24 01:19:23 +0000 |
commit | 7967eeb659574932cdaa770941afbcfd2e991a3e (patch) | |
tree | edd1d4fe3ff8eb3cf111fd28bc420ad4cef9823a | |
parent | a36be30e082d0208ca8b6215928069e9f3d4f7b0 (diff) | |
download | samba-7967eeb659574932cdaa770941afbcfd2e991a3e.tar.gz samba-7967eeb659574932cdaa770941afbcfd2e991a3e.tar.bz2 samba-7967eeb659574932cdaa770941afbcfd2e991a3e.zip |
Andrew Bartlett patch to cope with Exchange 5.5 cleartext pop password auth.
Jeremy.
(This used to be commit 2d09d8c9d973f5f414d31f749db12328ff315de7)
-rw-r--r-- | source3/auth/auth_sam.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index ce97bd7df2..2a00b6fb80 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -172,6 +172,22 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, pdb_get_username(sampass))); /* No return, we want to check the LM hash below in this case */ auth_flags &= (~(AUTH_FLAG_NTLMv2_RESP | AUTH_FLAG_NTLM_RESP)); + } else { + /* Check for cleartext netlogon. Used by Exchange 5.5. */ + unsigned char zeros[8]; + + memset(zeros,'\0',sizeof(zeros)); + if (auth_context->challenge.length == sizeof(zeros) && + (memcmp(auth_context->challenge.data, zeros, auth_context->challenge.length) == 0 ) && + user_info->nt_resp.length) { + if ((nt_pw = pdb_get_nt_passwd(sampass)) != NULL) { + unsigned char pwhash[16]; + mdfour(pwhash, user_info->nt_resp.data, user_info->nt_resp.length); + if (memcmp(pwhash, nt_pw, sizeof(pwhash)) == 0) { + return NT_STATUS_OK; + } + } + } } if (auth_flags & AUTH_FLAG_NTLMv2_RESP) { |