summaryrefslogtreecommitdiff
path: root/source3/libsmb
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2003-12-17 21:57:29 +0000
committerJeremy Allison <jra@samba.org>2003-12-17 21:57:29 +0000
commit80222a3a92209394e35edaee5f5773c72d0e1fdf (patch)
treeeefccfe1a4374ee01f3f4daf9860f9c3b69e7292 /source3/libsmb
parent776605c768e9c343af2c9897162724acc08d4dae (diff)
downloadsamba-80222a3a92209394e35edaee5f5773c72d0e1fdf.tar.gz
samba-80222a3a92209394e35edaee5f5773c72d0e1fdf.tar.bz2
samba-80222a3a92209394e35edaee5f5773c72d0e1fdf.zip
Add in comments explaining NTLMv2 selection. Use lm session key if that's
all there is. Jeremy. (This used to be commit 3e6abeffe176cdba43d251f55f3b7aecd8fa55b1)
Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/ntlmssp.c14
1 files changed, 13 insertions, 1 deletions
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 10f2983180..7b821da0fd 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -645,7 +645,15 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
}
}
+ /*
+ * Note we don't check here for NTLMv2 auth settings. If NTLMv2 auth
+ * is required (by "ntlm auth = no" and "lm auth = no" being set in the
+ * smb.conf file) and no NTLMv2 response was sent then the password check
+ * will fail here. JRA.
+ */
+
/* Finally, actually ask if the password is OK */
+
if (!NT_STATUS_IS_OK(nt_status = ntlmssp_state->check_password(ntlmssp_state, &nt_session_key, &lm_session_key))) {
data_blob_free(&encrypted_session_key);
return nt_status;
@@ -685,9 +693,13 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state,
session_key = nt_session_key;
DEBUG(10,("ntlmssp_server_auth: Using unmodified nt session key.\n"));
dump_data_pw("unmodified session key:\n", session_key.data, session_key.length);
+ } else if (lm_session_key.data) {
+ session_key = lm_session_key;
+ DEBUG(10,("ntlmssp_server_auth: Using unmodified lm session key.\n"));
+ dump_data_pw("unmodified session key:\n", session_key.data, session_key.length);
} else {
data_blob_free(&encrypted_session_key);
- DEBUG(10,("ntlmssp_server_auth: Failed to create unmodified nt session key.\n"));
+ DEBUG(10,("ntlmssp_server_auth: Failed to create unmodified session key.\n"));
return NT_STATUS_INVALID_PARAMETER;
}