summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-02-19 10:56:12 +1100
committerAndrew Bartlett <abartlet@samba.org>2012-02-20 10:50:48 +1100
commitf91c616176555dc29052abd4c09ab1bf292c2929 (patch)
tree55744851663ddea8e97ac931047c45dcf2d9dcdb
parent3ebd79a6d042a1d7b4d671aec65883b2b786b7c5 (diff)
downloadsamba-f91c616176555dc29052abd4c09ab1bf292c2929.tar.gz
samba-f91c616176555dc29052abd4c09ab1bf292c2929.tar.bz2
samba-f91c616176555dc29052abd4c09ab1bf292c2929.zip
s3-ntlm_auth: allow ntlm_auth --diagnostics to pass again
This still requires that the server permit LM passwords, but our s3dc test environment has this enabled. Andrew Bartlett
-rw-r--r--source3/utils/ntlm_auth.c9
-rw-r--r--source3/utils/ntlm_auth_diagnostics.c10
-rw-r--r--source3/utils/ntlm_auth_proto.h1
3 files changed, 12 insertions, 8 deletions
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index ff9b60ed0f..02652b15e4 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -390,6 +390,7 @@ NTSTATUS contact_winbind_auth_crap(const char *username,
const DATA_BLOB *lm_response,
const DATA_BLOB *nt_response,
uint32 flags,
+ uint32 extra_logon_parameters,
uint8 lm_key[8],
uint8 user_session_key[16],
char **error_string,
@@ -409,7 +410,8 @@ NTSTATUS contact_winbind_auth_crap(const char *username,
request.flags = flags;
- request.data.auth_crap.logon_parameters = MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT | MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT;
+ request.data.auth_crap.logon_parameters = extra_logon_parameters
+ | MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT | MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT;
if (require_membership_of_sid)
fstrcpy(request.data.auth_crap.require_membership_of_sid, require_membership_of_sid);
@@ -585,6 +587,7 @@ static NTSTATUS winbind_pw_check(struct ntlmssp_state *ntlmssp_state, TALLOC_CTX
&ntlmssp_state->lm_resp,
&ntlmssp_state->nt_resp,
WBFLAG_PAM_LMKEY | WBFLAG_PAM_USER_SESSION_KEY | WBFLAG_PAM_UNIX_NAME,
+ 0,
lm_key, user_sess_key,
&error_string, &unix_name);
@@ -2032,7 +2035,7 @@ static void manage_ntlm_server_1_request(struct ntlm_auth_state *state,
&challenge,
&lm_response,
&nt_response,
- flags,
+ flags, 0,
lm_key,
user_session_key,
&error_string,
@@ -2486,7 +2489,7 @@ static bool check_auth_crap(void)
&opt_challenge,
&opt_lm_response,
&opt_nt_response,
- flags,
+ flags, 0,
(unsigned char *)lm_key,
(unsigned char *)user_session_key,
&error_string, NULL);
diff --git a/source3/utils/ntlm_auth_diagnostics.c b/source3/utils/ntlm_auth_diagnostics.c
index 41462c052b..e83e975ffd 100644
--- a/source3/utils/ntlm_auth_diagnostics.c
+++ b/source3/utils/ntlm_auth_diagnostics.c
@@ -98,7 +98,7 @@ static bool test_lm_ntlm_broken(enum ntlm_break break_which)
&chall,
&lm_response,
&nt_response,
- flags,
+ flags, 0,
lm_key,
user_session_key,
&error_string, NULL);
@@ -197,7 +197,7 @@ static bool test_ntlm_in_lm(void)
&chall,
&nt_response,
NULL,
- flags,
+ flags, 0,
lm_key,
user_session_key,
&error_string, NULL);
@@ -268,7 +268,7 @@ static bool test_ntlm_in_both(void)
&chall,
&nt_response,
&nt_response,
- flags,
+ flags, 0,
lm_key,
user_session_key,
&error_string, NULL);
@@ -359,7 +359,7 @@ static bool test_lmv2_ntlmv2_broken(enum ntlm_break break_which)
&chall,
&lmv2_response,
&ntlmv2_response,
- flags,
+ flags, 0,
NULL,
user_session_key,
&error_string, NULL);
@@ -510,7 +510,7 @@ static bool test_plaintext(enum ntlm_break break_which)
&chall,
&lm_response,
&nt_response,
- flags,
+ flags, MSV1_0_CLEARTEXT_PASSWORD_ALLOWED,
lm_key,
user_session_key,
&error_string, NULL);
diff --git a/source3/utils/ntlm_auth_proto.h b/source3/utils/ntlm_auth_proto.h
index 5f8d26465b..ae26c948b8 100644
--- a/source3/utils/ntlm_auth_proto.h
+++ b/source3/utils/ntlm_auth_proto.h
@@ -36,6 +36,7 @@ NTSTATUS contact_winbind_auth_crap(const char *username,
const DATA_BLOB *lm_response,
const DATA_BLOB *nt_response,
uint32 flags,
+ uint32 extra_logon_parameters,
uint8 lm_key[8],
uint8 user_session_key[16],
char **error_string,