summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-01-05 04:12:40 +0000
committerAndrew Bartlett <abartlet@samba.org>2004-01-05 04:12:40 +0000
commit425699fce728a3d302a3e5288d0c59ec7b16aee2 (patch)
tree871aa0d76554fd02fd05eefab2e886dc9a75c6ad
parenta7f8c26d24b78dc6a0f829cf7b53112e5ddbdeda (diff)
downloadsamba-425699fce728a3d302a3e5288d0c59ec7b16aee2.tar.gz
samba-425699fce728a3d302a3e5288d0c59ec7b16aee2.tar.bz2
samba-425699fce728a3d302a3e5288d0c59ec7b16aee2.zip
Correctly handle per-pipe NTLMSSP inside a NULL session. Previously we
would attempt to supply a password to the 'inside' NTLMSSP, which the remote side naturally rejected. Andrew Bartlett (This used to be commit da408e0d5aa29ca1505c2fd96b32deae9ed940c4)
-rw-r--r--source3/libsmb/pwd_cache.c10
-rw-r--r--source3/rpc_client/cli_pipe.c17
2 files changed, 20 insertions, 7 deletions
diff --git a/source3/libsmb/pwd_cache.c b/source3/libsmb/pwd_cache.c
index f45832d7d7..7ba6cfc96f 100644
--- a/source3/libsmb/pwd_cache.c
+++ b/source3/libsmb/pwd_cache.c
@@ -45,8 +45,14 @@ static void pwd_make_lm_nt_16(struct pwd_info *pwd, const char *clr)
{
pwd_init(pwd);
- nt_lm_owf_gen(clr, pwd->smb_nt_pwd, pwd->smb_lm_pwd);
- pwd->null_pwd = False;
+ if (!clr) {
+ ZERO_STRUCT(pwd->smb_nt_pwd);
+ ZERO_STRUCT(pwd->smb_lm_pwd);
+ pwd->null_pwd = True;
+ } else {
+ nt_lm_owf_gen(clr, pwd->smb_nt_pwd, pwd->smb_lm_pwd);
+ pwd->null_pwd = False;
+ }
pwd->crypted = False;
}
diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c
index 49abf787ee..3213e955b6 100644
--- a/source3/rpc_client/cli_pipe.c
+++ b/source3/rpc_client/cli_pipe.c
@@ -1342,11 +1342,18 @@ static BOOL rpc_pipe_bind(struct cli_state *cli, int pipe_idx, const char *my_na
if (!NT_STATUS_IS_OK(nt_status))
return False;
- pwd_get_cleartext(&cli->pwd, password);
- nt_status = ntlmssp_set_password(cli->ntlmssp_pipe_state,
- password);
- if (!NT_STATUS_IS_OK(nt_status))
- return False;
+ if (cli->pwd.null_pwd) {
+ nt_status = ntlmssp_set_password(cli->ntlmssp_pipe_state,
+ NULL);
+ if (!NT_STATUS_IS_OK(nt_status))
+ return False;
+ } else {
+ pwd_get_cleartext(&cli->pwd, password);
+ nt_status = ntlmssp_set_password(cli->ntlmssp_pipe_state,
+ password);
+ if (!NT_STATUS_IS_OK(nt_status))
+ return False;
+ }
if (cli->pipe_auth_flags & AUTH_PIPE_SIGN) {
cli->ntlmssp_pipe_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN;