diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-01-05 04:12:40 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2004-01-05 04:12:40 +0000 |
commit | 425699fce728a3d302a3e5288d0c59ec7b16aee2 (patch) | |
tree | 871aa0d76554fd02fd05eefab2e886dc9a75c6ad | |
parent | a7f8c26d24b78dc6a0f829cf7b53112e5ddbdeda (diff) | |
download | samba-425699fce728a3d302a3e5288d0c59ec7b16aee2.tar.gz samba-425699fce728a3d302a3e5288d0c59ec7b16aee2.tar.bz2 samba-425699fce728a3d302a3e5288d0c59ec7b16aee2.zip |
Correctly handle per-pipe NTLMSSP inside a NULL session. Previously we
would attempt to supply a password to the 'inside' NTLMSSP, which the
remote side naturally rejected.
Andrew Bartlett
(This used to be commit da408e0d5aa29ca1505c2fd96b32deae9ed940c4)
-rw-r--r-- | source3/libsmb/pwd_cache.c | 10 | ||||
-rw-r--r-- | source3/rpc_client/cli_pipe.c | 17 |
2 files changed, 20 insertions, 7 deletions
diff --git a/source3/libsmb/pwd_cache.c b/source3/libsmb/pwd_cache.c index f45832d7d7..7ba6cfc96f 100644 --- a/source3/libsmb/pwd_cache.c +++ b/source3/libsmb/pwd_cache.c @@ -45,8 +45,14 @@ static void pwd_make_lm_nt_16(struct pwd_info *pwd, const char *clr) { pwd_init(pwd); - nt_lm_owf_gen(clr, pwd->smb_nt_pwd, pwd->smb_lm_pwd); - pwd->null_pwd = False; + if (!clr) { + ZERO_STRUCT(pwd->smb_nt_pwd); + ZERO_STRUCT(pwd->smb_lm_pwd); + pwd->null_pwd = True; + } else { + nt_lm_owf_gen(clr, pwd->smb_nt_pwd, pwd->smb_lm_pwd); + pwd->null_pwd = False; + } pwd->crypted = False; } diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 49abf787ee..3213e955b6 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -1342,11 +1342,18 @@ static BOOL rpc_pipe_bind(struct cli_state *cli, int pipe_idx, const char *my_na if (!NT_STATUS_IS_OK(nt_status)) return False; - pwd_get_cleartext(&cli->pwd, password); - nt_status = ntlmssp_set_password(cli->ntlmssp_pipe_state, - password); - if (!NT_STATUS_IS_OK(nt_status)) - return False; + if (cli->pwd.null_pwd) { + nt_status = ntlmssp_set_password(cli->ntlmssp_pipe_state, + NULL); + if (!NT_STATUS_IS_OK(nt_status)) + return False; + } else { + pwd_get_cleartext(&cli->pwd, password); + nt_status = ntlmssp_set_password(cli->ntlmssp_pipe_state, + password); + if (!NT_STATUS_IS_OK(nt_status)) + return False; + } if (cli->pipe_auth_flags & AUTH_PIPE_SIGN) { cli->ntlmssp_pipe_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN; |