summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorLuke Leighton <lkcl@samba.org>1999-07-15 21:25:58 +0000
committerLuke Leighton <lkcl@samba.org>1999-07-15 21:25:58 +0000
commit7c29698e4182f034c0b8251be3bb9370cb35ec08 (patch)
tree65f7eff5436525805d7195359b5ebe9c545b5175 /source3
parent939f6d6794e1dc0677624ac67d1f00950417b713 (diff)
downloadsamba-7c29698e4182f034c0b8251be3bb9370cb35ec08.tar.gz
samba-7c29698e4182f034c0b8251be3bb9370cb35ec08.tar.bz2
samba-7c29698e4182f034c0b8251be3bb9370cb35ec08.zip
work-around for win95 NULL session bug: NULL password actually being
placed in data stream before username / domain, whereas NT doesn't do this... (This used to be commit 44e6d4c1b0b6ae54e76e96471b40bb784c8b3c8c)
Diffstat (limited to 'source3')
-rw-r--r--source3/smbd/reply.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index b8300da40a..bb6e8654d3 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -609,7 +609,7 @@ user %s attempted down-level SMB connection\n", user));
passlen2 = 0;
}
- if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) {
+ if (doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) {
/* Save the lanman2 password and the NT md4 password. */
smb_apasslen = passlen1;
memcpy(smb_apasswd,p,smb_apasslen);
@@ -632,12 +632,22 @@ user %s attempted down-level SMB connection\n", user));
}
}
- p += passlen1 + passlen2;
+ if (passlen2 == 0 && smb_apasslen == 0 && ra_type == RA_WIN95)
+ {
+ /* work-around for win95 NULL sessions, where NULL password is
+ actually put in the data stream before the domain name etc */
+ p++;
+ }
+ else
+ {
+ p += passlen1 + passlen2;
+ }
+
fstrcpy(user,p); p = skip_string(p,1);
domain = p;
DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n",
- domain,skip_string(p,1),skip_string(p,2)));
+ domain, skip_string(p,1), skip_string(p,2)));
}
DEBUG(3,("sesssetupX:name=[%s]\n",user));