summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-07-30 11:14:47 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:52:16 -0500
commit748e7e4a923ee89b94f376066b1778cce5a58dfe (patch)
tree50c5835e65b346e82323a845e59745b6a50a920a /source3
parentdb4fde99d4a6ab45f6b1b1883c024420c38ccbaf (diff)
downloadsamba-748e7e4a923ee89b94f376066b1778cce5a58dfe.tar.gz
samba-748e7e4a923ee89b94f376066b1778cce5a58dfe.tar.bz2
samba-748e7e4a923ee89b94f376066b1778cce5a58dfe.zip
r1612: Fix bug #1571 found by Guenter Kukkukk <guenter.kukkukk@kukkukk.com>
(Botched LANMAN2 session setup code) Andrew Bartlett (This used to be commit 3baa4ef6c58eb13bec1a8ddb1561a504f4a16107)
Diffstat (limited to 'source3')
-rw-r--r--source3/libsmb/cliconnect.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index ce404e1b9e..559538aac9 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -81,7 +81,10 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, const char *user,
if (passlen > 0 && (cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && passlen != 24) {
/* Encrypted mode needed, and non encrypted password supplied. */
lm_response = data_blob(NULL, 24);
- SMBencrypt(pass, cli->secblob.data,(uchar *)lm_response.data);
+ if (!SMBencrypt(pass, cli->secblob.data,(uchar *)lm_response.data)) {
+ DEBUG(1, ("Password is > 14 chars in length, and is therefore incompatible with Lanman authentication\n"));
+ return False;
+ }
} else if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && passlen == 24) {
/* Encrypted mode needed, and encrypted password supplied. */
lm_response = data_blob(pass, passlen);
@@ -106,7 +109,7 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, const char *user,
p = smb_buf(cli->outbuf);
memcpy(p,lm_response.data,lm_response.length);
- p += passlen;
+ p += lm_response.length;
p += clistr_push(cli, p, user, -1, STR_TERMINATE|STR_UPPER);
p += clistr_push(cli, p, workgroup, -1, STR_TERMINATE|STR_UPPER);
p += clistr_push(cli, p, "Unix", -1, STR_TERMINATE);