diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2002-08-17 17:00:51 +0000 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2002-08-17 17:00:51 +0000 |
commit | b2edf254eda92f775e7d3d9b6793b4d77f9000b6 (patch) | |
tree | 18eb2564a769678c774a19bb07c00fc4aa7b2758 /source3/auth/auth_sam.c | |
parent | 669a39fae36f8bc60753c9b352556ef8ffaeb568 (diff) | |
download | samba-b2edf254eda92f775e7d3d9b6793b4d77f9000b6.tar.gz samba-b2edf254eda92f775e7d3d9b6793b4d77f9000b6.tar.bz2 samba-b2edf254eda92f775e7d3d9b6793b4d77f9000b6.zip |
sync 3.0 branch with head
(This used to be commit 3928578b52cfc949be5e0ef444fce1558d75f290)
Diffstat (limited to 'source3/auth/auth_sam.c')
-rw-r--r-- | source3/auth/auth_sam.c | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index 76579150ce..155370546a 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -107,7 +107,7 @@ static BOOL smb_pwd_check_ntlmv2(const DATA_BLOB ntv2_response, memcpy(client_response, ntv2_response.data, sizeof(client_response)); ntv2_owf_gen(part_passwd, user, domain, kr); - SMBOWFencrypt_ntv2(kr, sec_blob, client_key_data, (char *)value_from_encryption); + SMBOWFencrypt_ntv2(kr, sec_blob, client_key_data, value_from_encryption); if (user_sess_key != NULL) { SMBsesskeygen_ntv2(kr, value_from_encryption, user_sess_key); @@ -232,11 +232,26 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, { return NT_STATUS_OK; } else { + if (lp_ntlm_auth()) { + /* Apparently NT accepts NT responses in the LM feild + - I think this is related to Win9X pass-though authenticaion + */ + DEBUG(4,("sam_password_ok: Checking NT MD4 password in LM feild\n")); + if (smb_pwd_check_ntlmv1(user_info->lm_resp, + nt_pw, auth_context->challenge, + user_sess_key)) + { + return NT_STATUS_OK; + } else { + DEBUG(3,("sam_password_ok: NT MD4 password in LM feild failed for user %s\n",pdb_get_username(sampass))); + return NT_STATUS_WRONG_PASSWORD; + } + } DEBUG(4,("sam_password_ok: LM password check failed for user %s\n",pdb_get_username(sampass))); return NT_STATUS_WRONG_PASSWORD; } } - + /* Should not be reached, but if they send nothing... */ DEBUG(3,("sam_password_ok: NEITHER LanMan nor NT password supplied for user %s\n",pdb_get_username(sampass))); return NT_STATUS_WRONG_PASSWORD; |