summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2006-09-02 21:41:28 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:39:47 -0500
commitb7a5e3de1eac86bd460aed341ec17a01f4b82e5f (patch)
tree2595d8e87ab28b2cf0fe3c7b184fabb06ca68d4a
parent380c4183ee765c01c9ad3054764437434ee6c61f (diff)
downloadsamba-b7a5e3de1eac86bd460aed341ec17a01f4b82e5f.tar.gz
samba-b7a5e3de1eac86bd460aed341ec17a01f4b82e5f.tar.bz2
samba-b7a5e3de1eac86bd460aed341ec17a01f4b82e5f.zip
r18008: Ok, same fix as before. But this time also allocate the session key. This had
worked in one test, no idea what memory I've overwritten that time. This time it survives the unpatched w2k password change. Volker (This used to be commit bf7bf8e4e9a279fe3ef1e9ff655b12f65c3c3e67)
-rw-r--r--source3/libsmb/ntlmssp.c19
1 files changed, 14 insertions, 5 deletions
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 70fcd24e76..d017bdb76c 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -813,16 +813,25 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
if (lm_session_key.data && lm_session_key.length >= 8) {
if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+ if (session_key.data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state->lm_resp.data,
session_key.data);
DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
- dump_data_pw("LM session key:\n", session_key.data, session_key.length);
} else {
- /* use the key unmodified - it's
- * probably a NULL key from the guest
- * login */
- session_key = lm_session_key;
+ static const uint8 zeros[24] = { 0, };
+ session_key = data_blob_talloc(
+ ntlmssp_state->mem_ctx, NULL, 16);
+ if (session_key.data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ SMBsesskeygen_lm_sess_key(
+ lm_session_key.data, zeros,
+ session_key.data);
}
+ dump_data_pw("LM session key:\n", session_key.data,
+ session_key.length);
} else {
DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM session key.\n"));
session_key = data_blob(NULL, 0);