diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-07-30 11:14:47 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:52:16 -0500 |
commit | 748e7e4a923ee89b94f376066b1778cce5a58dfe (patch) | |
tree | 50c5835e65b346e82323a845e59745b6a50a920a /source3 | |
parent | db4fde99d4a6ab45f6b1b1883c024420c38ccbaf (diff) | |
download | samba-748e7e4a923ee89b94f376066b1778cce5a58dfe.tar.gz samba-748e7e4a923ee89b94f376066b1778cce5a58dfe.tar.bz2 samba-748e7e4a923ee89b94f376066b1778cce5a58dfe.zip |
r1612: Fix bug #1571 found by Guenter Kukkukk <guenter.kukkukk@kukkukk.com>
(Botched LANMAN2 session setup code)
Andrew Bartlett
(This used to be commit 3baa4ef6c58eb13bec1a8ddb1561a504f4a16107)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/libsmb/cliconnect.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index ce404e1b9e..559538aac9 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -81,7 +81,10 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, const char *user, if (passlen > 0 && (cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && passlen != 24) { /* Encrypted mode needed, and non encrypted password supplied. */ lm_response = data_blob(NULL, 24); - SMBencrypt(pass, cli->secblob.data,(uchar *)lm_response.data); + if (!SMBencrypt(pass, cli->secblob.data,(uchar *)lm_response.data)) { + DEBUG(1, ("Password is > 14 chars in length, and is therefore incompatible with Lanman authentication\n")); + return False; + } } else if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && passlen == 24) { /* Encrypted mode needed, and encrypted password supplied. */ lm_response = data_blob(pass, passlen); @@ -106,7 +109,7 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, const char *user, p = smb_buf(cli->outbuf); memcpy(p,lm_response.data,lm_response.length); - p += passlen; + p += lm_response.length; p += clistr_push(cli, p, user, -1, STR_TERMINATE|STR_UPPER); p += clistr_push(cli, p, workgroup, -1, STR_TERMINATE|STR_UPPER); p += clistr_push(cli, p, "Unix", -1, STR_TERMINATE); |