summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-12-27 11:33:24 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-12-27 11:33:24 +0000
commitf73492a58aba4239a9e00cc1bfca51362ca6a9b8 (patch)
treeb4db91bca6c1f5bb21f265f83b8d5cc5dc369070
parent82027c1ea2e44f51fa3a622af54736bac2e754a3 (diff)
downloadsamba-f73492a58aba4239a9e00cc1bfca51362ca6a9b8.tar.gz
samba-f73492a58aba4239a9e00cc1bfca51362ca6a9b8.tar.bz2
samba-f73492a58aba4239a9e00cc1bfca51362ca6a9b8.zip
This patch corrects some errors in the NTLMSSP implementation, that
would incorrectly return INVALID_PARAMETER, instead of allowing a login. Andrew Bartlett (This used to be commit 76c59469a340209959c420bd5c2e947d3347bdb1)
-rw-r--r--source3/libsmb/ntlmssp.c27
1 files changed, 18 insertions, 9 deletions
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 7b821da0fd..7026a02726 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -577,6 +577,9 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
}
}
+ if (auth_flags)
+ ntlmssp_handle_neg_flags(ntlmssp_state, auth_flags, lp_lanman_auth());
+
if (!NT_STATUS_IS_OK(nt_status = ntlmssp_set_domain(ntlmssp_state, domain))) {
SAFE_FREE(domain);
SAFE_FREE(user);
@@ -670,20 +673,26 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
sizeof(session_nonce), session_key.data);
DEBUG(10,("ntlmssp_server_auth: Created NTLM2 session key.\n"));
dump_data_pw("NTLM2 session key:\n", session_key.data, session_key.length);
-
- }else {
+
+ } else {
data_blob_free(&encrypted_session_key);
DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM2 session key.\n"));
return NT_STATUS_INVALID_PARAMETER;
}
} else if (ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY) {
- if (lm_session_key.data && lm_session_key.length >= 8 &&
- ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
- session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
- SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state->lm_resp.data,
- session_key.data);
- DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
- dump_data_pw("LM session key:\n", session_key.data, session_key.length);
+ if (lm_session_key.data && lm_session_key.length >= 8) {
+ if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
+ session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+ SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state->lm_resp.data,
+ session_key.data);
+ DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
+ dump_data_pw("LM session key:\n", session_key.data, session_key.length);
+ } else {
+ /* use the key unmodified - it's
+ * probably a NULL key from the guest
+ * login */
+ session_key = lm_session_key;
+ }
} else {
data_blob_free(&encrypted_session_key);
DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM session key.\n"));