diff options
author | Luke Leighton <lkcl@samba.org> | 1998-10-19 17:32:10 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 1998-10-19 17:32:10 +0000 |
commit | 01de6030843f5f402dee8bf72f564a91ae8437ca (patch) | |
tree | 2319ade00e775979ed5d3343bb8a89a21aa2bc2b /source3/smbd/password.c | |
parent | 33790c41501af0e8fdc2fbc7128cf2a42cafa087 (diff) | |
download | samba-01de6030843f5f402dee8bf72f564a91ae8437ca.tar.gz samba-01de6030843f5f402dee8bf72f564a91ae8437ca.tar.bz2 samba-01de6030843f5f402dee8bf72f564a91ae8437ca.zip |
- dce/rpc code
- removed debug info in struni2 and unistr2 (security risk)
- rpc_pipe function was getting pointer to data then calling realloc *dur*
- password check function, the start of "credential checking",
user, wks, domain, pass as the credentials (not just user,pass which
is incorrect in a domain context)
- cli_write needs to return ssize_t not size_t, because total can be -1
if the write fails.
- fixed signed / unsigned warnings (how come i don't get those any more
when i compile with gcc???)
- nt password change added in smbd. yes, jeremy, i verified that the
SMBtrans2 version still works.
(This used to be commit fcfb40d2b0fc565ee4f66b3a3761c246366a2ef3)
Diffstat (limited to 'source3/smbd/password.c')
-rw-r--r-- | source3/smbd/password.c | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 1c9eb19759..eac8c9cd65 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -383,8 +383,7 @@ BOOL smb_password_check(char *password, unsigned char *part_passwd, unsigned cha Do a specific test for an smb password being correct, given a smb_password and the lanman and NT responses. ****************************************************************************/ - -BOOL smb_password_ok(struct smb_passwd *smb_pass, +BOOL smb_password_ok(struct smb_passwd *smb_pass, uchar chal[8], uchar lm_pass[24], uchar nt_pass[24]) { uchar challenge[8]; @@ -400,9 +399,19 @@ BOOL smb_password_ok(struct smb_passwd *smb_pass, return(False); } - if (!last_challenge(challenge)) { - DEBUG(1,("no challenge done - password failed\n")); - return False; + if (chal == NULL) + { + DEBUG(5,("use last SMBnegprot challenge\n")); + if (!last_challenge(challenge)) + { + DEBUG(1,("no challenge done - password failed\n")); + return False; + } + } + else + { + DEBUG(5,("challenge received\n")); + memcpy(challenge, chal, 8); } if ((Protocol >= PROTOCOL_NT1) && (smb_pass->smb_nt_passwd != NULL)) { @@ -450,7 +459,7 @@ SMB hash return True if the password is correct, False otherwise ****************************************************************************/ BOOL pass_check_smb(char *user, char *domain, - char *challenge, char *lm_pwd, char *nt_pwd, + uchar *chal, char *lm_pwd, char *nt_pwd, struct passwd *pwd) { struct passwd *pass; @@ -504,7 +513,7 @@ BOOL pass_check_smb(char *user, char *domain, return(True); } - if (smb_password_ok(smb_pass, (uchar *)lm_pwd, (uchar *)nt_pwd)) + if (smb_password_ok(smb_pass, chal, (uchar *)lm_pwd, (uchar *)nt_pwd)) { return(True); } |