r2494: fixed connecting to a share mode server (tested and really works now)

(This used to be commit 25f725c9be8fe5a7fd85488214b598bc431d4c7f)

1 files changed, 10 insertions, 3 deletions

diff --git a/source4/libcli/cliconnect.c b/source4/libcli/cliconnect.c
index f25f29f86e..66882f605d 100644
--- a/source4/libcli/cliconnect.c
+++ b/source4/libcli/cliconnect.c
@@ -83,7 +83,11 @@ NTSTATUS smbcli_session_setup(struct smbcli_state *cli,
 		setup.generic.in.domain = "";
 		setup.generic.in.capabilities &= ~CAP_EXTENDED_SECURITY;
 	} else {
-		setup.generic.in.password = password;
+		if (cli->transport->negotiate.sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) {
+			setup.generic.in.password = password;
+		} else {
+			setup.generic.in.password = NULL;
+		}
 		setup.generic.in.user = user;
 		setup.generic.in.domain = domain;
 	}
@@ -121,8 +125,11 @@ NTSTATUS smbcli_send_tconX(struct smbcli_state *cli, const char *sharename,
 	if (cli->transport->negotiate.sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) {
 		tcon.tconx.in.password = data_blob(NULL, 0);
 	} else if (cli->transport->negotiate.sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) {
-		tcon.tconx.in.password = data_blob_talloc(mem_ctx, NULL, 16);
-		E_md4hash(password, tcon.tconx.in.password.data);
+		tcon.tconx.in.password = data_blob_talloc(mem_ctx, NULL, 24);
+		if (cli->transport->negotiate.secblob.length < 8) {
+			return NT_STATUS_INVALID_PARAMETER;
+		}
+		SMBencrypt(password, cli->transport->negotiate.secblob.data, tcon.tconx.in.password.data);
 	} else {
 		tcon.tconx.in.password = data_blob_talloc(mem_ctx, password, strlen(password)+1);
 	}