summaryrefslogtreecommitdiff
path: root/source3/auth/auth_sam.c
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2003-10-24 01:18:56 +0000
committerJeremy Allison <jra@samba.org>2003-10-24 01:18:56 +0000
commitab8f9387b73ff99db1a3255f9c55258ffa5df8f7 (patch)
treea381a4539283d27d04e49e291f2fb59a76462661 /source3/auth/auth_sam.c
parent4f62277d89bacff1f42e73bd86342f25116d8643 (diff)
downloadsamba-ab8f9387b73ff99db1a3255f9c55258ffa5df8f7.tar.gz
samba-ab8f9387b73ff99db1a3255f9c55258ffa5df8f7.tar.bz2
samba-ab8f9387b73ff99db1a3255f9c55258ffa5df8f7.zip
Andrew Bartlett patch to cope with Exchange 5.5 cleartext pop password auth.
Jeremy. (This used to be commit 46e66ee950eee035ad008c189cd2378f734af605)
Diffstat (limited to 'source3/auth/auth_sam.c')
-rw-r--r--source3/auth/auth_sam.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index ce97bd7df2..2a00b6fb80 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -172,6 +172,22 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
pdb_get_username(sampass)));
/* No return, we want to check the LM hash below in this case */
auth_flags &= (~(AUTH_FLAG_NTLMv2_RESP | AUTH_FLAG_NTLM_RESP));
+ } else {
+ /* Check for cleartext netlogon. Used by Exchange 5.5. */
+ unsigned char zeros[8];
+
+ memset(zeros,'\0',sizeof(zeros));
+ if (auth_context->challenge.length == sizeof(zeros) &&
+ (memcmp(auth_context->challenge.data, zeros, auth_context->challenge.length) == 0 ) &&
+ user_info->nt_resp.length) {
+ if ((nt_pw = pdb_get_nt_passwd(sampass)) != NULL) {
+ unsigned char pwhash[16];
+ mdfour(pwhash, user_info->nt_resp.data, user_info->nt_resp.length);
+ if (memcmp(pwhash, nt_pw, sizeof(pwhash)) == 0) {
+ return NT_STATUS_OK;
+ }
+ }
+ }
}
if (auth_flags & AUTH_FLAG_NTLMv2_RESP) {