summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-05-09 09:41:08 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-05-09 09:41:08 +0000
commit5f5c4aaffd14cc15df4b367bc6d60641d7fdf7c6 (patch)
tree1a0bbae4b466732541e6ddf29da5c61f5fbdce39 /source3
parent376b8d57eef44c630208805f4897d6fe30700c67 (diff)
downloadsamba-5f5c4aaffd14cc15df4b367bc6d60641d7fdf7c6.tar.gz
samba-5f5c4aaffd14cc15df4b367bc6d60641d7fdf7c6.tar.bz2
samba-5f5c4aaffd14cc15df4b367bc6d60641d7fdf7c6.zip
Make sure we always have some client data, not just the hash. An NTLMv2 or
LMv2 response less than 24 bytes is just silly. Andrew Bartlett (This used to be commit b4ecdb2e582376d2713f81e8e32a668014905d70)
Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth_sam.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/source3/auth/auth_sam.c b/source3/auth/auth_sam.c
index 9a619f81f6..cb88014e98 100644
--- a/source3/auth/auth_sam.c
+++ b/source3/auth/auth_sam.c
@@ -98,9 +98,10 @@ static BOOL smb_pwd_check_ntlmv2(const DATA_BLOB ntv2_response,
return False;
}
- if (ntv2_response.length < 16) {
+ if (ntv2_response.length < 24) {
/* We MUST have more than 16 bytes, or the stuff below will go
- crazy... */
+ crazy. No known implementation sends less than the 24 bytes
+ for LMv2, let alone NTLMv2. */
DEBUG(0, ("smb_pwd_check_ntlmv2: incorrect password length (%d)\n",
ntv2_response.length));
return False;