diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2002-11-08 23:08:59 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2002-11-08 23:08:59 +0000 |
| commit | c19598f2a6a3329e973e14e389e0577ebb914f3b (patch) | |
| tree | a3a5040c9598eb21ca60ba73f16061828a08493d /source3/auth | |
| parent | 3b90ef84a5907ca5a1bc460adab5f52e940b5b72 (diff) | |
| download | samba-c19598f2a6a3329e973e14e389e0577ebb914f3b.tar.gz samba-c19598f2a6a3329e973e14e389e0577ebb914f3b.tar.bz2 samba-c19598f2a6a3329e973e14e389e0577ebb914f3b.zip | |
Merge from HEAD:
- change auth_sam to use the initialisation flags to determine if
the password attributes are set
- add const to secrets.c, cliconnect.c
- passdb: fix spelling in pdb_ldap, add group mapping back to smbpasswd
- SAMR: add debugs to show what fails for group enum.
Andrew Bartlett
(This used to be commit 4e74d00b3634abf52aa24bfaa6dbe88202aa57a1)
Diffstat (limited to 'source3/auth')
| -rw-r--r-- | source3/auth/auth_sam.c | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index bc98f46dc2..7252193c9a 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -162,12 +162,9 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, } } - nt_pw = pdb_get_nt_passwd(sampass); - lm_pw = pdb_get_lanman_passwd(sampass); - auth_flags = user_info->auth_flags; - if (nt_pw == NULL) { + if (IS_SAM_DEFAULT(sampass, PDB_NTPASSWD)) { DEBUG(3,("sam_password_ok: NO NT password stored for user %s.\n", pdb_get_username(sampass))); /* No return, we want to check the LM hash below in this case */ @@ -175,6 +172,7 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, } if (auth_flags & AUTH_FLAG_NTLMv2_RESP) { + nt_pw = pdb_get_nt_passwd(sampass); /* We have the NT MD4 hash challenge available - see if we can use it (ie. does it exist in the smbpasswd file). */ @@ -191,7 +189,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, return NT_STATUS_WRONG_PASSWORD; } } else if (auth_flags & AUTH_FLAG_NTLM_RESP) { - if (lp_ntlm_auth()) { + if (lp_ntlm_auth()) { + nt_pw = pdb_get_nt_passwd(sampass); /* We have the NT MD4 hash challenge available - see if we can use it (ie. does it exist in the smbpasswd file). */ @@ -211,13 +210,14 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, } } - if (lm_pw == NULL) { + if (IS_SAM_DEFAULT(sampass, PDB_LMPASSWD)) { DEBUG(3,("sam_password_ok: NO LanMan password set for user %s (and no NT password supplied)\n",pdb_get_username(sampass))); auth_flags &= (~AUTH_FLAG_LM_RESP); } if (auth_flags & AUTH_FLAG_LM_RESP) { - + lm_pw = pdb_get_lanman_passwd(sampass); + if (user_info->lm_resp.length != 24) { DEBUG(2,("sam_password_ok: invalid LanMan password length (%d) for user %s\n", user_info->nt_resp.length, pdb_get_username(sampass))); @@ -235,7 +235,8 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, { return NT_STATUS_OK; } else { - if (lp_ntlm_auth()) { + if (lp_ntlm_auth() && (!IS_SAM_DEFAULT(sampass, PDB_NTPASSWD))) { + nt_pw = pdb_get_nt_passwd(sampass); /* Apparently NT accepts NT responses in the LM field - I think this is related to Win9X pass-though authentication */ |