diff options
author | Andrew Tridgell <tridge@samba.org> | 2002-07-30 15:03:14 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2002-07-30 15:03:14 +0000 |
commit | 9edc1cd4cfd3c02cfb1b867f8450384c446e8b60 (patch) | |
tree | 4b041804db2b9e9da316f1137e5c6260ba5458a3 /source3/smbd | |
parent | 28f4463c8b6608dce02311ea7271fc983aa76d56 (diff) | |
download | samba-9edc1cd4cfd3c02cfb1b867f8450384c446e8b60.tar.gz samba-9edc1cd4cfd3c02cfb1b867f8450384c446e8b60.tar.bz2 samba-9edc1cd4cfd3c02cfb1b867f8450384c446e8b60.zip |
this fixes plaintext passwords with win2000
there were 2 bugs:
1) we were sending a null challenge when we should have sent an empty
challenge
2) the password can be in unicode if unicode is negotiated. This means
our client code was wrong too :(
(This used to be commit 1a6dfddf6788b30fc81794b1bfe749693183b2c1)
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/negprot.c | 6 | ||||
-rw-r--r-- | source3/smbd/sesssetup.c | 7 |
2 files changed, 8 insertions, 5 deletions
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index abe44aac8c..d8aea624be 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -288,10 +288,12 @@ static int reply_nt1(char *inbuf, char *outbuf) if (!negotiate_spnego) { /* Create a token value and add it to the outgoing packet. */ if (global_encrypted_passwords_negotiated) { + /* note that we do not send a challenge at all if + we are using plaintext */ get_challenge(p); + SSVALS(outbuf,smb_vwv16+1,8); + p += 8; } - SSVALS(outbuf,smb_vwv16+1,8); - p += 8; p += srvstr_push(outbuf, p, global_myworkgroup, -1, STR_UNICODE|STR_TERMINATE|STR_NOALIGN); DEBUG(3,("not using SPNEGO\n")); diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 867b00ff5c..9d05e3f98a 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -699,9 +699,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf, lm_resp = data_blob(p, passlen1); nt_resp = data_blob(p+passlen1, passlen2); } else { - plaintext_password = data_blob(p, passlen1+1); - /* Ensure null termination */ - plaintext_password.data[passlen1] = 0; + pstring pass; + srvstr_pull_buf(inbuf, pass, smb_buf(inbuf), + sizeof(pass), STR_TERMINATE); + plaintext_password = data_blob(pass, strlen(pass)); } p += passlen1 + passlen2; |