diff options
author | Andrew Bartlett <abartlet@samba.org> | 2003-12-27 11:33:24 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2003-12-27 11:33:24 +0000 |
commit | f73492a58aba4239a9e00cc1bfca51362ca6a9b8 (patch) | |
tree | b4db91bca6c1f5bb21f265f83b8d5cc5dc369070 | |
parent | 82027c1ea2e44f51fa3a622af54736bac2e754a3 (diff) | |
download | samba-f73492a58aba4239a9e00cc1bfca51362ca6a9b8.tar.gz samba-f73492a58aba4239a9e00cc1bfca51362ca6a9b8.tar.bz2 samba-f73492a58aba4239a9e00cc1bfca51362ca6a9b8.zip |
This patch corrects some errors in the NTLMSSP implementation, that
would incorrectly return INVALID_PARAMETER, instead of allowing a
login.
Andrew Bartlett
(This used to be commit 76c59469a340209959c420bd5c2e947d3347bdb1)
-rw-r--r-- | source3/libsmb/ntlmssp.c | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index 7b821da0fd..7026a02726 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -577,6 +577,9 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state, } } + if (auth_flags) + ntlmssp_handle_neg_flags(ntlmssp_state, auth_flags, lp_lanman_auth()); + if (!NT_STATUS_IS_OK(nt_status = ntlmssp_set_domain(ntlmssp_state, domain))) { SAFE_FREE(domain); SAFE_FREE(user); @@ -670,20 +673,26 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state, sizeof(session_nonce), session_key.data); DEBUG(10,("ntlmssp_server_auth: Created NTLM2 session key.\n")); dump_data_pw("NTLM2 session key:\n", session_key.data, session_key.length); - - }else { + + } else { data_blob_free(&encrypted_session_key); DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM2 session key.\n")); return NT_STATUS_INVALID_PARAMETER; } } else if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) { - if (lm_session_key.data && lm_session_key.length >= 8 && - ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) { - session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16); - SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state->lm_resp.data, - session_key.data); - DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n")); - dump_data_pw("LM session key:\n", session_key.data, session_key.length); + if (lm_session_key.data && lm_session_key.length >= 8) { + if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) { + session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16); + SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state->lm_resp.data, + session_key.data); + DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n")); + dump_data_pw("LM session key:\n", session_key.data, session_key.length); + } else { + /* use the key unmodified - it's + * probably a NULL key from the guest + * login */ + session_key = lm_session_key; + } } else { data_blob_free(&encrypted_session_key); DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM session key.\n")); |