summaryrefslogtreecommitdiff
path: root/source4/auth
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2011-05-05 13:59:08 +1000
committerAndrew Tridgell <tridge@samba.org>2011-05-05 07:00:14 +0200
commit323c7445713d17989452b99bbb541248bb2388eb (patch)
tree0b4804896ff093bf3e02a919eee27cbc9d608563 /source4/auth
parent8563d5c384f672276d8ea2ab20a1810ff485e37d (diff)
downloadsamba-323c7445713d17989452b99bbb541248bb2388eb.tar.gz
samba-323c7445713d17989452b99bbb541248bb2388eb.tar.bz2
samba-323c7445713d17989452b99bbb541248bb2388eb.zip
s4-auth: removed the password combinations code in auth_unix
this code never did anything due to a typo, and was untested. We should not be inluding a password cracker in Samba anyway. Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Autobuild-User: Andrew Tridgell <tridge@samba.org> Autobuild-Date: Thu May 5 07:00:14 CEST 2011 on sn-devel-104
Diffstat (limited to 'source4/auth')
-rw-r--r--source4/auth/ntlm/auth_unix.c43
1 files changed, 4 insertions, 39 deletions
diff --git a/source4/auth/ntlm/auth_unix.c b/source4/auth/ntlm/auth_unix.c
index 743cb8103d..7fdb4b3ae0 100644
--- a/source4/auth/ntlm/auth_unix.c
+++ b/source4/auth/ntlm/auth_unix.c
@@ -737,46 +737,11 @@ static NTSTATUS check_unix_password(TALLOC_CTX *ctx, struct loadparm_context *lp
return nt_status;
}
- if ( user_info->flags | USER_INFO_CASE_INSENSITIVE_PASSWORD) {
- return nt_status;
- }
-
- /* if the password was given to us with mixed case then we don't
- * need to proceed as we know it hasn't been case modified by the
- * client */
- if (strhasupper(password) && strhaslower(password)) {
- return nt_status;
- }
-
- /* make a copy of it */
- pwcopy = talloc_strdup(ctx, password);
- if (!pwcopy)
- return NT_STATUS_NO_MEMORY;
-
- /* try all lowercase if it's currently all uppercase */
- if (strhasupper(pwcopy)) {
- strlower(pwcopy);
- nt_status = password_check(username, pwcopy, crypted, salt);
- if NT_STATUS_IS_OK(nt_status) {
- *ret_passwd = pws;
- return nt_status;
- }
- }
-
- /* give up? */
- if (level < 1) {
- return NT_STATUS_WRONG_PASSWORD;
- }
-
- /* last chance - all combinations of up to level chars upper! */
- strlower(pwcopy);
+ /* we no longer try different case combinations here. The use
+ * of this code is now web auth, where trying different case
+ * combinations makes no sense
+ */
-#if 0
- if (NT_STATUS_IS_OK(nt_status = string_combinations(pwcopy, password_check, level))) {
- *ret_passwd = pws;
- return nt_status;
- }
-#endif
return NT_STATUS_WRONG_PASSWORD;
}