summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h4
-rw-r--r--source3/lib/genrand.c2
-rw-r--r--source3/nmbd/nmbd_logonnames.c2
-rw-r--r--source3/nmbd/nmbd_namequery.c2
-rw-r--r--source3/nmbd/nmbd_namerelease.c2
-rw-r--r--source3/param/loadparm.c3
-rw-r--r--source3/passdb/smbpass.c4
-rw-r--r--source3/smbd/ipc.c1
-rw-r--r--source3/smbd/password.c29
-rw-r--r--source3/smbd/reply.c2
-rw-r--r--source3/smbd/server.c3
11 files changed, 28 insertions, 26 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 0965527205..639817c049 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -41,7 +41,7 @@ BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsi
BOOL check_oem_password(char *user, unsigned char *data,
struct smb_passwd **psmbpw, char *new_passwd,
int new_passwd_size);
-BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL flag);
+BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL override);
/*The following definitions come from client.c */
@@ -1547,7 +1547,7 @@ BOOL pm_process( char *FileName,
void generate_next_challenge(char *challenge);
BOOL set_challenge(char *challenge);
-BOOL last_challenge(char *challenge);
+BOOL last_challenge(unsigned char *challenge);
user_struct *get_valid_user_struct(uint16 vuid);
void invalidate_vuid(uint16 vuid);
char *validated_username(uint16 vuid);
diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c
index 3eae47486f..b09f683e62 100644
--- a/source3/lib/genrand.c
+++ b/source3/lib/genrand.c
@@ -151,7 +151,7 @@ static uint32 do_reseed(unsigned char *md4_outbuf)
if (pw && pw->pw_passwd) {
int i;
unsigned char md4_tmp[16];
- mdfour(md4_tmp, pw->pw_passwd, strlen(pw->pw_passwd));
+ mdfour(md4_tmp, (unsigned char *)pw->pw_passwd, strlen(pw->pw_passwd));
for (i=0;i<16;i++)
md4_inbuf[8+i] ^= md4_tmp[i];
}
diff --git a/source3/nmbd/nmbd_logonnames.c b/source3/nmbd/nmbd_logonnames.c
index c5e2e6ca4f..dbbb8defaf 100644
--- a/source3/nmbd/nmbd_logonnames.c
+++ b/source3/nmbd/nmbd_logonnames.c
@@ -114,7 +114,7 @@ in workgroup %s on subnet %s\n",
/* Tell the namelist writer to write out a change. */
subrec->work_changed = True;
- DEBUG(0,("become_logon_server_success: Samba is now a logon server\
+ DEBUG(0,("become_logon_server_success: Samba is now a logon server \
for workgroup %s on subnet %s\n", work->work_group, subrec->subnet_name));
}
diff --git a/source3/nmbd/nmbd_namequery.c b/source3/nmbd/nmbd_namequery.c
index 1794efe890..509b3b3107 100644
--- a/source3/nmbd/nmbd_namequery.c
+++ b/source3/nmbd/nmbd_namequery.c
@@ -76,7 +76,7 @@ from IP %s for name %s. Error code was %d.\n", subrec->subnet_name, inet_ntoa(p-
success = True;
putip((char *)&answer_ip,&nmb->answers->rdata[2]);
- DEBUG(5,("query_name_response: On subnet %s - positive response from IP %s\
+ DEBUG(5,("query_name_response: On subnet %s - positive response from IP %s \
for name %s. IP of that name is %s\n", subrec->subnet_name, inet_ntoa(p->ip),
namestr(question_name), inet_ntoa(answer_ip)));
diff --git a/source3/nmbd/nmbd_namerelease.c b/source3/nmbd/nmbd_namerelease.c
index b2f9b47878..f72de8c20e 100644
--- a/source3/nmbd/nmbd_namerelease.c
+++ b/source3/nmbd/nmbd_namerelease.c
@@ -60,7 +60,7 @@ name %s.\n", namestr(answer_name), namestr(question_name)));
if(bcast)
{
/* Someone sent a response. This shouldn't happen/ */
- DEBUG(1,("release_name_response: A response for releasing name %s was received on a\
+ DEBUG(1,("release_name_response: A response for releasing name %s was received on a \
broadcast subnet %s. This should not happen !\n", namestr(answer_name), subrec->subnet_name));
return;
}
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index e4d27f1f64..cbb17adc95 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -755,7 +755,8 @@ static void init_globals(void)
Globals.client_code_page = DEFAULT_CLIENT_CODE_PAGE;
Globals.bTimeServer = False;
Globals.bBindInterfacesOnly = False;
- Globals.bNetWkstaUserLogon = True;
+ Globals.bNetWkstaUserLogon = False; /* This is now set to false by default as
+ the code in password.c protects us from this bug. */
Globals.bUnixPasswdSync = False;
Globals.bPasswdChatDebug = False;
diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c
index cd3cc76909..72e3c3035e 100644
--- a/source3/passdb/smbpass.c
+++ b/source3/passdb/smbpass.c
@@ -674,9 +674,9 @@ Error was %s\n", newpwd->smb_name, pfile, strerror(errno)));
}
} else {
if(newpwd->acct_ctrl & ACB_PWNOTREQ)
- sprintf((char *)&p[i*2], "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
+ sprintf(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX");
else
- sprintf((char *)&p[i*2], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
+ sprintf(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX");
}
p += 32;
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 2f9cc00dc9..3bdff29621 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -669,6 +669,7 @@ static void fill_printq_info(int cnum, int snum, int uLevel,
fgets(p,8191,f);
p[strlen(p)-1]='\0';
if (next_token(&p,tok,":") &&
+ (strlen(lp_printerdriver(snum)) == strlen(tok)) &&
(!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum)))))
ok=1;
}
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 57e7775b71..5127539466 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -91,7 +91,7 @@ BOOL set_challenge(char *challenge)
/*******************************************************************
get the last challenge sent
********************************************************************/
-BOOL last_challenge(char *challenge)
+BOOL last_challenge(unsigned char *challenge)
{
if (!challenge_sent) return(False);
memcpy(challenge,saved_challenge,8);
@@ -1036,7 +1036,7 @@ BOOL smb_password_ok(struct smb_passwd *smb_pass,
use it (ie. does it exist in the smbpasswd file).
*/
DEBUG(4,("smb_password_ok: Checking NT MD4 password\n"));
- if (smb_password_check(nt_pass, smb_pass->smb_nt_passwd, challenge))
+ if (smb_password_check(nt_pass, (uchar *)smb_pass->smb_nt_passwd, challenge))
{
DEBUG(4,("smb_password_ok: NT MD4 password check succeeded\n"));
return(True);
@@ -1055,7 +1055,7 @@ BOOL smb_password_ok(struct smb_passwd *smb_pass,
return True;
}
- if((smb_pass->smb_passwd != NULL) && smb_password_check(lm_pass, smb_pass->smb_passwd, challenge))
+ if((smb_pass->smb_passwd != NULL) && smb_password_check(lm_pass, (uchar *)smb_pass->smb_passwd, challenge))
{
DEBUG(4,("smb_password_ok: LM MD4 password check succeeded\n"));
return(True);
@@ -1074,7 +1074,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd)
pstring pass2;
int level = lp_passwordlevel();
struct passwd *pass;
- char challenge[8];
+ uchar challenge[8];
struct smb_passwd *smb_pass;
BOOL update_encrypted = lp_update_encrypted();
BOOL challenge_done = False;
@@ -1846,12 +1846,6 @@ use this machine as the password server.\n"));
return(False);
}
- if (!cli_send_tconX(&pw_cli, "IPC$", "IPC", "", 1)) {
- DEBUG(1,("password server %s refused IPC$ connect\n", pw_cli.desthost));
- cli_ulogoff(&pw_cli);
- return False;
- }
-
/*
* This patch from Rob Nielsen <ran@adc.com> makes doing
* the NetWksaUserLogon a dynamic, rather than compile-time
@@ -1863,28 +1857,36 @@ use this machine as the password server.\n"));
if (lp_net_wksta_user_logon()) {
DEBUG(3,("trying NetWkstaUserLogon with password server %s\n", pw_cli.desthost));
+
+ if (!cli_send_tconX(&pw_cli, "IPC$", "IPC", "", 1)) {
+ DEBUG(0,("password server %s refused IPC$ connect\n", pw_cli.desthost));
+ cli_ulogoff(&pw_cli);
+ return False;
+ }
+
if (!cli_NetWkstaUserLogon(&pw_cli,user,local_machine)) {
- DEBUG(1,("password server %s failed NetWkstaUserLogon\n", pw_cli.desthost));
+ DEBUG(0,("password server %s failed NetWkstaUserLogon\n", pw_cli.desthost));
cli_tdis(&pw_cli);
cli_ulogoff(&pw_cli);
return False;
}
if (pw_cli.privilages == 0) {
- DEBUG(1,("password server %s gave guest privilages\n", pw_cli.desthost));
+ DEBUG(0,("password server %s gave guest privilages\n", pw_cli.desthost));
cli_tdis(&pw_cli);
cli_ulogoff(&pw_cli);
return False;
}
if (!strequal(pw_cli.eff_name, user)) {
- DEBUG(1,("password server %s gave different username %s\n",
+ DEBUG(0,("password server %s gave different username %s\n",
pw_cli.desthost,
pw_cli.eff_name));
cli_tdis(&pw_cli);
cli_ulogoff(&pw_cli);
return False;
}
+ cli_tdis(&pw_cli);
}
else {
DEBUG(3,("skipping NetWkstaUserLogon with password server %s\n", pw_cli.desthost));
@@ -1892,7 +1894,6 @@ use this machine as the password server.\n"));
DEBUG(3,("password server %s accepted the password\n", pw_cli.desthost));
- cli_tdis(&pw_cli);
cli_ulogoff(&pw_cli);
return(True);
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index a8a0c2f98c..3a0d4a9bee 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -405,7 +405,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user,
return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE));
}
- if (!smb_password_ok(smb_trust_acct, smb_passwd, smb_nt_passwd))
+ if (!smb_password_ok(smb_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd))
{
DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user));
SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES);
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 83293a5787..b6d2b82705 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1085,8 +1085,7 @@ static file_fd_struct *fd_get_new(void)
return fd_ptr;
}
}
- DEBUG(1,("ERROR! Out of file_fd structures - perhaps increase MAX_OPEN_FILES?\
-n"));
+ DEBUG(1,("ERROR! Out of file_fd structures - perhaps increase MAX_OPEN_FILES?\n"));
return 0;
}