diff options
author | Andrew Tridgell <tridge@samba.org> | 2011-05-05 13:59:08 +1000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2011-05-05 07:00:14 +0200 |
commit | 323c7445713d17989452b99bbb541248bb2388eb (patch) | |
tree | 0b4804896ff093bf3e02a919eee27cbc9d608563 | |
parent | 8563d5c384f672276d8ea2ab20a1810ff485e37d (diff) | |
download | samba-323c7445713d17989452b99bbb541248bb2388eb.tar.gz samba-323c7445713d17989452b99bbb541248bb2388eb.tar.bz2 samba-323c7445713d17989452b99bbb541248bb2388eb.zip |
s4-auth: removed the password combinations code in auth_unix
this code never did anything due to a typo, and was untested. We
should not be inluding a password cracker in Samba anyway.
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu May 5 07:00:14 CEST 2011 on sn-devel-104
-rw-r--r-- | source4/auth/ntlm/auth_unix.c | 43 |
1 files changed, 4 insertions, 39 deletions
diff --git a/source4/auth/ntlm/auth_unix.c b/source4/auth/ntlm/auth_unix.c index 743cb8103d..7fdb4b3ae0 100644 --- a/source4/auth/ntlm/auth_unix.c +++ b/source4/auth/ntlm/auth_unix.c @@ -737,46 +737,11 @@ static NTSTATUS check_unix_password(TALLOC_CTX *ctx, struct loadparm_context *lp return nt_status; } - if ( user_info->flags | USER_INFO_CASE_INSENSITIVE_PASSWORD) { - return nt_status; - } - - /* if the password was given to us with mixed case then we don't - * need to proceed as we know it hasn't been case modified by the - * client */ - if (strhasupper(password) && strhaslower(password)) { - return nt_status; - } - - /* make a copy of it */ - pwcopy = talloc_strdup(ctx, password); - if (!pwcopy) - return NT_STATUS_NO_MEMORY; - - /* try all lowercase if it's currently all uppercase */ - if (strhasupper(pwcopy)) { - strlower(pwcopy); - nt_status = password_check(username, pwcopy, crypted, salt); - if NT_STATUS_IS_OK(nt_status) { - *ret_passwd = pws; - return nt_status; - } - } - - /* give up? */ - if (level < 1) { - return NT_STATUS_WRONG_PASSWORD; - } - - /* last chance - all combinations of up to level chars upper! */ - strlower(pwcopy); + /* we no longer try different case combinations here. The use + * of this code is now web auth, where trying different case + * combinations makes no sense + */ -#if 0 - if (NT_STATUS_IS_OK(nt_status = string_combinations(pwcopy, password_check, level))) { - *ret_passwd = pws; - return nt_status; - } -#endif return NT_STATUS_WRONG_PASSWORD; } |