summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorTim Potter <tpot@samba.org>2002-11-29 01:12:15 +0000
committerTim Potter <tpot@samba.org>2002-11-29 01:12:15 +0000
commit77c25dfbaae97802d5ca3258b874fe13d6270054 (patch)
tree22f4ffc519e02513b341fe70b36610c15461426b /source3
parent9fe17afefeca3576841dfee8bf05d71f1dac32cc (diff)
downloadsamba-77c25dfbaae97802d5ca3258b874fe13d6270054.tar.gz
samba-77c25dfbaae97802d5ca3258b874fe13d6270054.tar.bz2
samba-77c25dfbaae97802d5ca3258b874fe13d6270054.zip
Merge from HEAD:
>Added some extra code to test absence/presence of LM and NT passwords. (This used to be commit 89a2ee7e72fef444632659af13feaf94d3f6e9ce)
Diffstat (limited to 'source3')
-rw-r--r--source3/python/py_winbind.c25
1 files changed, 17 insertions, 8 deletions
diff --git a/source3/python/py_winbind.c b/source3/python/py_winbind.c
index ef6bc06233..783ac54439 100644
--- a/source3/python/py_winbind.c
+++ b/source3/python/py_winbind.c
@@ -412,13 +412,18 @@ static PyObject *py_auth_plaintext(PyObject *self, PyObject *args)
/* Challenge/response authentication */
-static PyObject *py_auth_crap(PyObject *self, PyObject *args)
+static PyObject *py_auth_crap(PyObject *self, PyObject *args, PyObject *kw)
{
+ static char *kwlist[] =
+ {"username", "password", "use_lm_hash", "use_nt_hash", NULL };
struct winbindd_request request;
struct winbindd_response response;
char *username, *password;
+ int use_lm_hash = 1, use_nt_hash = 1;
- if (!PyArg_ParseTuple(args, "ss", &username, &password))
+ if (!PyArg_ParseTupleAndKeywords(
+ args, kw, "ss|ii", kwlist, &username, &password,
+ &use_lm_hash, &use_nt_hash))
return NULL;
ZERO_STRUCT(request);
@@ -428,13 +433,17 @@ static PyObject *py_auth_crap(PyObject *self, PyObject *args)
generate_random_buffer(request.data.auth_crap.chal, 8, False);
- SMBencrypt((uchar *)password, request.data.auth_crap.chal,
- (uchar *)request.data.auth_crap.lm_resp);
- SMBNTencrypt((uchar *)password, request.data.auth_crap.chal,
- (uchar *)request.data.auth_crap.nt_resp);
+ if (use_lm_hash) {
+ SMBencrypt((uchar *)password, request.data.auth_crap.chal,
+ (uchar *)request.data.auth_crap.lm_resp);
+ request.data.auth_crap.lm_resp_len = 24;
+ }
- request.data.auth_crap.lm_resp_len = 24;
- request.data.auth_crap.nt_resp_len = 24;
+ if (use_nt_hash) {
+ SMBNTencrypt((uchar *)password, request.data.auth_crap.chal,
+ (uchar *)request.data.auth_crap.nt_resp);
+ request.data.auth_crap.nt_resp_len = 24;
+ }
if (winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response)
!= NSS_STATUS_SUCCESS) {