- got client code cleartext passwords working again in cli_session_setup.

  needed this for some tests.

- removed code that said "if lm password is not encrypted then encrypt both
  lm and nt passwords".  actually it said "if lm password length is not 24
  bytes and we're in security=user mode..."

  it didn't bother to check whether the nt password was NULL or not, and
  doing the encryption inside cli_session_setup is the wrong place.

- checked all instances where cli_session_setup is called with cleartext
  passwords that are expected to then be encrypted (see above) with the
  test "if pwlen != 24...".  there was only one: all the others either
  provide encrypted passwords, do null sessions or use
  cli_establish_connection.

* recommendation: use cli_establish_connection() in smbwrapper/smbw.c
(This used to be commit 2a509e9606f8aefbefa6e7b49878726464dbed44)

1 files changed, 6 insertions, 2 deletions

diff --git a/source3/smbwrapper/smbw.c b/source3/smbwrapper/smbw.c
index faaa9f047b..dfe99a7ed1 100644
--- a/source3/smbwrapper/smbw.c
+++ b/source3/smbwrapper/smbw.c
@@ -403,6 +403,7 @@ struct smbw_server *smbw_server(char *server, char *share)
 	pstring ipenv;
 	struct in_addr ip;
 	extern struct in_addr ipzero;
+	char lm_24[24], nt_24[24];
 
 	ip = ipzero;
 	ZERO_STRUCT(c);
@@ -488,9 +489,12 @@ struct smbw_server *smbw_server(char *server, char *share)
 		return NULL;
 	}
 
+	SMBencrypt  ((uchar *)password,(uchar *)c.cryptkey,(uchar *)lm_24);
+	SMBNTencrypt((uchar *)password,(uchar *)c.cryptkey,(uchar *)nt_24);
+
 	if (!cli_session_setup(&c, username, 
-			       password, strlen(password),
-			       password, strlen(password),
+			       lm_24, 24,
+			       nt_24, 24,
 			       workgroup) &&
 	    /* try an anonymous login if it failed */
 	    !cli_session_setup(&c, "", "", 1,"", 0, workgroup)) {