diff options
author | Jeremy Allison <jra@samba.org> | 2003-10-24 01:18:56 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2003-10-24 01:18:56 +0000 |
commit | ab8f9387b73ff99db1a3255f9c55258ffa5df8f7 (patch) | |
tree | a381a4539283d27d04e49e291f2fb59a76462661 /source3/auth | |
parent | 4f62277d89bacff1f42e73bd86342f25116d8643 (diff) | |
download | samba-ab8f9387b73ff99db1a3255f9c55258ffa5df8f7.tar.gz samba-ab8f9387b73ff99db1a3255f9c55258ffa5df8f7.tar.bz2 samba-ab8f9387b73ff99db1a3255f9c55258ffa5df8f7.zip |
Andrew Bartlett patch to cope with Exchange 5.5 cleartext pop password auth.
Jeremy.
(This used to be commit 46e66ee950eee035ad008c189cd2378f734af605)
Diffstat (limited to 'source3/auth')
-rw-r--r-- | source3/auth/auth_sam.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c index ce97bd7df2..2a00b6fb80 100644 --- a/source3/auth/auth_sam.c +++ b/source3/auth/auth_sam.c @@ -172,6 +172,22 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, pdb_get_username(sampass))); /* No return, we want to check the LM hash below in this case */ auth_flags &= (~(AUTH_FLAG_NTLMv2_RESP | AUTH_FLAG_NTLM_RESP)); + } else { + /* Check for cleartext netlogon. Used by Exchange 5.5. */ + unsigned char zeros[8]; + + memset(zeros,'\0',sizeof(zeros)); + if (auth_context->challenge.length == sizeof(zeros) && + (memcmp(auth_context->challenge.data, zeros, auth_context->challenge.length) == 0 ) && + user_info->nt_resp.length) { + if ((nt_pw = pdb_get_nt_passwd(sampass)) != NULL) { + unsigned char pwhash[16]; + mdfour(pwhash, user_info->nt_resp.data, user_info->nt_resp.length); + if (memcmp(pwhash, nt_pw, sizeof(pwhash)) == 0) { + return NT_STATUS_OK; + } + } + } } if (auth_flags & AUTH_FLAG_NTLMv2_RESP) { |