diff options
author | Volker Lendecke <vlendec@samba.org> | 2006-09-02 21:41:28 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:39:47 -0500 |
commit | b7a5e3de1eac86bd460aed341ec17a01f4b82e5f (patch) | |
tree | 2595d8e87ab28b2cf0fe3c7b184fabb06ca68d4a /source3/libsmb | |
parent | 380c4183ee765c01c9ad3054764437434ee6c61f (diff) | |
download | samba-b7a5e3de1eac86bd460aed341ec17a01f4b82e5f.tar.gz samba-b7a5e3de1eac86bd460aed341ec17a01f4b82e5f.tar.bz2 samba-b7a5e3de1eac86bd460aed341ec17a01f4b82e5f.zip |
r18008: Ok, same fix as before. But this time also allocate the session key. This had
worked in one test, no idea what memory I've overwritten that time. This time
it survives the unpatched w2k password change.
Volker
(This used to be commit bf7bf8e4e9a279fe3ef1e9ff655b12f65c3c3e67)
Diffstat (limited to 'source3/libsmb')
-rw-r--r-- | source3/libsmb/ntlmssp.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c index 70fcd24e76..d017bdb76c 100644 --- a/source3/libsmb/ntlmssp.c +++ b/source3/libsmb/ntlmssp.c @@ -813,16 +813,25 @@ static NTSTATUS ntlmssp_server_auth(struct ntlmssp_state *ntlmssp_state, if (lm_session_key.data && lm_session_key.length >= 8) { if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) { session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16); + if (session_key.data == NULL) { + return NT_STATUS_NO_MEMORY; + } SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state->lm_resp.data, session_key.data); DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n")); - dump_data_pw("LM session key:\n", session_key.data, session_key.length); } else { - /* use the key unmodified - it's - * probably a NULL key from the guest - * login */ - session_key = lm_session_key; + static const uint8 zeros[24] = { 0, }; + session_key = data_blob_talloc( + ntlmssp_state->mem_ctx, NULL, 16); + if (session_key.data == NULL) { + return NT_STATUS_NO_MEMORY; + } + SMBsesskeygen_lm_sess_key( + lm_session_key.data, zeros, + session_key.data); } + dump_data_pw("LM session key:\n", session_key.data, + session_key.length); } else { DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM session key.\n")); session_key = data_blob(NULL, 0); |