s3-ntlm_auth: allow ntlm_auth --diagnostics to pass again

This still requires that the server permit LM passwords, but our s3dc test environment has this enabled. Andrew Bartlett
author: Andrew Bartlett <abartlet@samba.org> 2012-02-19 10:56:12 +1100
committer: Andrew Bartlett <abartlet@samba.org> 2012-02-20 10:50:48 +1100
commit: f91c616176555dc29052abd4c09ab1bf292c2929 (patch)
tree: 55744851663ddea8e97ac931047c45dcf2d9dcdb /source3
parent: 3ebd79a6d042a1d7b4d671aec65883b2b786b7c5 (diff)
download: samba-f91c616176555dc29052abd4c09ab1bf292c2929.tar.gz
samba-f91c616176555dc29052abd4c09ab1bf292c2929.tar.bz2
samba-f91c616176555dc29052abd4c09ab1bf292c2929.zip
3 files changed, 12 insertions, 8 deletions
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c
index ff9b60ed0f..02652b15e4 100644
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -390,6 +390,7 @@ NTSTATUS contact_winbind_auth_crap(const char *username,
 				   const DATA_BLOB *lm_response,
 				   const DATA_BLOB *nt_response,
 				   uint32 flags,
+				   uint32 extra_logon_parameters,
 				   uint8 lm_key[8],
 				   uint8 user_session_key[16],
 				   char **error_string,
@@ -409,7 +410,8 @@ NTSTATUS contact_winbind_auth_crap(const char *username,
 
 	request.flags = flags;
 
-	request.data.auth_crap.logon_parameters = MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT | MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT;
+	request.data.auth_crap.logon_parameters = extra_logon_parameters
+		| MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT | MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT;
 
 	if (require_membership_of_sid)
 		fstrcpy(request.data.auth_crap.require_membership_of_sid, require_membership_of_sid);
@@ -585,6 +587,7 @@ static NTSTATUS winbind_pw_check(struct ntlmssp_state *ntlmssp_state, TALLOC_CTX
 					      &ntlmssp_state->lm_resp,
 					      &ntlmssp_state->nt_resp, 
 					      WBFLAG_PAM_LMKEY | WBFLAG_PAM_USER_SESSION_KEY | WBFLAG_PAM_UNIX_NAME,
+					      0,
 					      lm_key, user_sess_key, 
 					      &error_string, &unix_name);
 
@@ -2032,7 +2035,7 @@ static void manage_ntlm_server_1_request(struct ntlm_auth_state *state,
 							      &challenge, 
 							      &lm_response, 
 							      &nt_response, 
-							      flags, 
+							      flags, 0,
 							      lm_key, 
 							      user_session_key,
 							      &error_string,
@@ -2486,7 +2489,7 @@ static bool check_auth_crap(void)
 					      &opt_challenge, 
 					      &opt_lm_response, 
 					      &opt_nt_response, 
-					      flags,
+					      flags, 0,
 					      (unsigned char *)lm_key, 
 					      (unsigned char *)user_session_key, 
 					      &error_string, NULL);
diff --git a/source3/utils/ntlm_auth_diagnostics.c b/source3/utils/ntlm_auth_diagnostics.c
index 41462c052b..e83e975ffd 100644
--- a/source3/utils/ntlm_auth_diagnostics.c
+++ b/source3/utils/ntlm_auth_diagnostics.c
@@ -98,7 +98,7 @@ static bool test_lm_ntlm_broken(enum ntlm_break break_which)
 					      &chall,
 					      &lm_response,
 					      &nt_response,
-					      flags,
+					      flags, 0,
 					      lm_key, 
 					      user_session_key,
 					      &error_string, NULL);
@@ -197,7 +197,7 @@ static bool test_ntlm_in_lm(void)
 					      &chall,
 					      &nt_response,
 					      NULL,
-					      flags,
+					      flags, 0,
 					      lm_key,
 					      user_session_key,
 					      &error_string, NULL);
@@ -268,7 +268,7 @@ static bool test_ntlm_in_both(void)
 					      &chall,
 					      &nt_response,
 					      &nt_response,
-					      flags,
+					      flags, 0,
 					      lm_key,
 					      user_session_key,
 					      &error_string, NULL);
@@ -359,7 +359,7 @@ static bool test_lmv2_ntlmv2_broken(enum ntlm_break break_which)
 					      &chall,
 					      &lmv2_response,
 					      &ntlmv2_response,
-					      flags,
+					      flags, 0,
 					      NULL, 
 					      user_session_key,
 					      &error_string, NULL);
@@ -510,7 +510,7 @@ static bool test_plaintext(enum ntlm_break break_which)
 					      &chall,
 					      &lm_response,
 					      &nt_response,
-					      flags,
+					      flags, MSV1_0_CLEARTEXT_PASSWORD_ALLOWED,
 					      lm_key,
 					      user_session_key,
 					      &error_string, NULL);
diff --git a/source3/utils/ntlm_auth_proto.h b/source3/utils/ntlm_auth_proto.h
index 5f8d26465b..ae26c948b8 100644
--- a/source3/utils/ntlm_auth_proto.h
+++ b/source3/utils/ntlm_auth_proto.h
@@ -36,6 +36,7 @@ NTSTATUS contact_winbind_auth_crap(const char *username,
 				   const DATA_BLOB *lm_response,
 				   const DATA_BLOB *nt_response,
 				   uint32 flags,
+				   uint32 extra_logon_parameters,
 				   uint8 lm_key[8],
 				   uint8 user_session_key[16],
 				   char **error_string,
author	Andrew Bartlett <abartlet@samba.org>	2012-02-19 10:56:12 +1100
committer	Andrew Bartlett <abartlet@samba.org>	2012-02-20 10:50:48 +1100
commit	f91c616176555dc29052abd4c09ab1bf292c2929 (patch)
tree	55744851663ddea8e97ac931047c45dcf2d9dcdb /source3
parent	3ebd79a6d042a1d7b4d671aec65883b2b786b7c5 (diff)
download	samba-f91c616176555dc29052abd4c09ab1bf292c2929.tar.gz samba-f91c616176555dc29052abd4c09ab1bf292c2929.tar.bz2 samba-f91c616176555dc29052abd4c09ab1bf292c2929.zip