summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>1996-10-09 15:08:29 +0000
committerAndrew Tridgell <tridge@samba.org>1996-10-09 15:08:29 +0000
commit6dc1fe06c141ba7e32ee85caa3652f0b24896378 (patch)
tree99f1089a0ccdc4ec9c075fd6b96776823ccce9b6 /source3/smbd
parent681ce3254b07043158c435aa7881a4207f127107 (diff)
downloadsamba-6dc1fe06c141ba7e32ee85caa3652f0b24896378.tar.gz
samba-6dc1fe06c141ba7e32ee85caa3652f0b24896378.tar.bz2
samba-6dc1fe06c141ba7e32ee85caa3652f0b24896378.zip
- correctly handle non-encrypted share mode session-setup. We were
losing the username due to the recent "handle broken password lengths" patch. (This used to be commit b006cd6f911c045488bcdab260b03fd98cb08145)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/reply.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index a37c1901be..3d125a1186 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -332,6 +332,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
BOOL guest=False;
BOOL computer_id=False;
static BOOL done_sesssetup = False;
+ BOOL doencrypt = SMBENCRYPT();
*smb_apasswd = 0;
@@ -345,10 +346,12 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
smb_apasslen = SVAL(inbuf,smb_vwv7);
memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen);
StrnCpy(user,smb_buf(inbuf)+smb_apasslen,sizeof(user)-1);
+
+ if (lp_security() != SEC_SERVER && !doencrypt)
+ smb_apasslen = strlen(smb_apasswd);
} else {
uint16 passlen1 = SVAL(inbuf,smb_vwv7);
uint16 passlen2 = SVAL(inbuf,smb_vwv8);
- BOOL doencrypt = SMBENCRYPT();
char *p = smb_buf(inbuf);
if (passlen1 != 24 && passlen2 != 24)
@@ -369,10 +372,11 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
default code because Win95 will null terminate the password
anyway
- if passlen1>0 and passlen2>0 then its a NT box and its
+ if passlen1>0 and passlen2>0 then maybe its a NT box and its
setting passlen2 to some random value which really stuffs
things up. we need to fix that one. */
- if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24) {
+ if (passlen1 > 0 && passlen2 > 0 && passlen2 != 24 &&
+ passlen2 != 1) {
passlen2 = 0;
}
/* we use the first password that they gave */