diff options
-rw-r--r-- | source3/include/proto.h | 4 | ||||
-rw-r--r-- | source3/lib/genrand.c | 2 | ||||
-rw-r--r-- | source3/nmbd/nmbd_logonnames.c | 2 | ||||
-rw-r--r-- | source3/nmbd/nmbd_namequery.c | 2 | ||||
-rw-r--r-- | source3/nmbd/nmbd_namerelease.c | 2 | ||||
-rw-r--r-- | source3/param/loadparm.c | 3 | ||||
-rw-r--r-- | source3/passdb/smbpass.c | 4 | ||||
-rw-r--r-- | source3/smbd/ipc.c | 1 | ||||
-rw-r--r-- | source3/smbd/password.c | 29 | ||||
-rw-r--r-- | source3/smbd/reply.c | 2 | ||||
-rw-r--r-- | source3/smbd/server.c | 3 |
11 files changed, 28 insertions, 26 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 0965527205..639817c049 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -41,7 +41,7 @@ BOOL change_lanman_password(struct smb_passwd *smbpw, unsigned char *pass1, unsi BOOL check_oem_password(char *user, unsigned char *data, struct smb_passwd **psmbpw, char *new_passwd, int new_passwd_size); -BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL flag); +BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL override); /*The following definitions come from client.c */ @@ -1547,7 +1547,7 @@ BOOL pm_process( char *FileName, void generate_next_challenge(char *challenge); BOOL set_challenge(char *challenge); -BOOL last_challenge(char *challenge); +BOOL last_challenge(unsigned char *challenge); user_struct *get_valid_user_struct(uint16 vuid); void invalidate_vuid(uint16 vuid); char *validated_username(uint16 vuid); diff --git a/source3/lib/genrand.c b/source3/lib/genrand.c index 3eae47486f..b09f683e62 100644 --- a/source3/lib/genrand.c +++ b/source3/lib/genrand.c @@ -151,7 +151,7 @@ static uint32 do_reseed(unsigned char *md4_outbuf) if (pw && pw->pw_passwd) { int i; unsigned char md4_tmp[16]; - mdfour(md4_tmp, pw->pw_passwd, strlen(pw->pw_passwd)); + mdfour(md4_tmp, (unsigned char *)pw->pw_passwd, strlen(pw->pw_passwd)); for (i=0;i<16;i++) md4_inbuf[8+i] ^= md4_tmp[i]; } diff --git a/source3/nmbd/nmbd_logonnames.c b/source3/nmbd/nmbd_logonnames.c index c5e2e6ca4f..dbbb8defaf 100644 --- a/source3/nmbd/nmbd_logonnames.c +++ b/source3/nmbd/nmbd_logonnames.c @@ -114,7 +114,7 @@ in workgroup %s on subnet %s\n", /* Tell the namelist writer to write out a change. */ subrec->work_changed = True; - DEBUG(0,("become_logon_server_success: Samba is now a logon server\ + DEBUG(0,("become_logon_server_success: Samba is now a logon server \ for workgroup %s on subnet %s\n", work->work_group, subrec->subnet_name)); } diff --git a/source3/nmbd/nmbd_namequery.c b/source3/nmbd/nmbd_namequery.c index 1794efe890..509b3b3107 100644 --- a/source3/nmbd/nmbd_namequery.c +++ b/source3/nmbd/nmbd_namequery.c @@ -76,7 +76,7 @@ from IP %s for name %s. Error code was %d.\n", subrec->subnet_name, inet_ntoa(p- success = True; putip((char *)&answer_ip,&nmb->answers->rdata[2]); - DEBUG(5,("query_name_response: On subnet %s - positive response from IP %s\ + DEBUG(5,("query_name_response: On subnet %s - positive response from IP %s \ for name %s. IP of that name is %s\n", subrec->subnet_name, inet_ntoa(p->ip), namestr(question_name), inet_ntoa(answer_ip))); diff --git a/source3/nmbd/nmbd_namerelease.c b/source3/nmbd/nmbd_namerelease.c index b2f9b47878..f72de8c20e 100644 --- a/source3/nmbd/nmbd_namerelease.c +++ b/source3/nmbd/nmbd_namerelease.c @@ -60,7 +60,7 @@ name %s.\n", namestr(answer_name), namestr(question_name))); if(bcast) { /* Someone sent a response. This shouldn't happen/ */ - DEBUG(1,("release_name_response: A response for releasing name %s was received on a\ + DEBUG(1,("release_name_response: A response for releasing name %s was received on a \ broadcast subnet %s. This should not happen !\n", namestr(answer_name), subrec->subnet_name)); return; } diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index e4d27f1f64..cbb17adc95 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -755,7 +755,8 @@ static void init_globals(void) Globals.client_code_page = DEFAULT_CLIENT_CODE_PAGE; Globals.bTimeServer = False; Globals.bBindInterfacesOnly = False; - Globals.bNetWkstaUserLogon = True; + Globals.bNetWkstaUserLogon = False; /* This is now set to false by default as + the code in password.c protects us from this bug. */ Globals.bUnixPasswdSync = False; Globals.bPasswdChatDebug = False; diff --git a/source3/passdb/smbpass.c b/source3/passdb/smbpass.c index cd3cc76909..72e3c3035e 100644 --- a/source3/passdb/smbpass.c +++ b/source3/passdb/smbpass.c @@ -674,9 +674,9 @@ Error was %s\n", newpwd->smb_name, pfile, strerror(errno))); } } else { if(newpwd->acct_ctrl & ACB_PWNOTREQ) - sprintf((char *)&p[i*2], "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX"); + sprintf(p, "NO PASSWORDXXXXXXXXXXXXXXXXXXXXX"); else - sprintf((char *)&p[i*2], "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); + sprintf(p, "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"); } p += 32; diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index 2f9cc00dc9..3bdff29621 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -669,6 +669,7 @@ static void fill_printq_info(int cnum, int snum, int uLevel, fgets(p,8191,f); p[strlen(p)-1]='\0'; if (next_token(&p,tok,":") && + (strlen(lp_printerdriver(snum)) == strlen(tok)) && (!strncmp(tok,lp_printerdriver(snum),strlen(lp_printerdriver(snum))))) ok=1; } diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 57e7775b71..5127539466 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -91,7 +91,7 @@ BOOL set_challenge(char *challenge) /******************************************************************* get the last challenge sent ********************************************************************/ -BOOL last_challenge(char *challenge) +BOOL last_challenge(unsigned char *challenge) { if (!challenge_sent) return(False); memcpy(challenge,saved_challenge,8); @@ -1036,7 +1036,7 @@ BOOL smb_password_ok(struct smb_passwd *smb_pass, use it (ie. does it exist in the smbpasswd file). */ DEBUG(4,("smb_password_ok: Checking NT MD4 password\n")); - if (smb_password_check(nt_pass, smb_pass->smb_nt_passwd, challenge)) + if (smb_password_check(nt_pass, (uchar *)smb_pass->smb_nt_passwd, challenge)) { DEBUG(4,("smb_password_ok: NT MD4 password check succeeded\n")); return(True); @@ -1055,7 +1055,7 @@ BOOL smb_password_ok(struct smb_passwd *smb_pass, return True; } - if((smb_pass->smb_passwd != NULL) && smb_password_check(lm_pass, smb_pass->smb_passwd, challenge)) + if((smb_pass->smb_passwd != NULL) && smb_password_check(lm_pass, (uchar *)smb_pass->smb_passwd, challenge)) { DEBUG(4,("smb_password_ok: LM MD4 password check succeeded\n")); return(True); @@ -1074,7 +1074,7 @@ BOOL password_ok(char *user,char *password, int pwlen, struct passwd *pwd) pstring pass2; int level = lp_passwordlevel(); struct passwd *pass; - char challenge[8]; + uchar challenge[8]; struct smb_passwd *smb_pass; BOOL update_encrypted = lp_update_encrypted(); BOOL challenge_done = False; @@ -1846,12 +1846,6 @@ use this machine as the password server.\n")); return(False); } - if (!cli_send_tconX(&pw_cli, "IPC$", "IPC", "", 1)) { - DEBUG(1,("password server %s refused IPC$ connect\n", pw_cli.desthost)); - cli_ulogoff(&pw_cli); - return False; - } - /* * This patch from Rob Nielsen <ran@adc.com> makes doing * the NetWksaUserLogon a dynamic, rather than compile-time @@ -1863,28 +1857,36 @@ use this machine as the password server.\n")); if (lp_net_wksta_user_logon()) { DEBUG(3,("trying NetWkstaUserLogon with password server %s\n", pw_cli.desthost)); + + if (!cli_send_tconX(&pw_cli, "IPC$", "IPC", "", 1)) { + DEBUG(0,("password server %s refused IPC$ connect\n", pw_cli.desthost)); + cli_ulogoff(&pw_cli); + return False; + } + if (!cli_NetWkstaUserLogon(&pw_cli,user,local_machine)) { - DEBUG(1,("password server %s failed NetWkstaUserLogon\n", pw_cli.desthost)); + DEBUG(0,("password server %s failed NetWkstaUserLogon\n", pw_cli.desthost)); cli_tdis(&pw_cli); cli_ulogoff(&pw_cli); return False; } if (pw_cli.privilages == 0) { - DEBUG(1,("password server %s gave guest privilages\n", pw_cli.desthost)); + DEBUG(0,("password server %s gave guest privilages\n", pw_cli.desthost)); cli_tdis(&pw_cli); cli_ulogoff(&pw_cli); return False; } if (!strequal(pw_cli.eff_name, user)) { - DEBUG(1,("password server %s gave different username %s\n", + DEBUG(0,("password server %s gave different username %s\n", pw_cli.desthost, pw_cli.eff_name)); cli_tdis(&pw_cli); cli_ulogoff(&pw_cli); return False; } + cli_tdis(&pw_cli); } else { DEBUG(3,("skipping NetWkstaUserLogon with password server %s\n", pw_cli.desthost)); @@ -1892,7 +1894,6 @@ use this machine as the password server.\n")); DEBUG(3,("password server %s accepted the password\n", pw_cli.desthost)); - cli_tdis(&pw_cli); cli_ulogoff(&pw_cli); return(True); diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index a8a0c2f98c..3a0d4a9bee 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -405,7 +405,7 @@ static int session_trust_account(char *inbuf, char *outbuf, char *user, return(ERROR(0, 0xc0000000|NT_STATUS_LOGON_FAILURE)); } - if (!smb_password_ok(smb_trust_acct, smb_passwd, smb_nt_passwd)) + if (!smb_password_ok(smb_trust_acct, (unsigned char *)smb_passwd, (unsigned char *)smb_nt_passwd)) { DEBUG(0,("session_trust_account: Trust Account %s - password failed\n", user)); SSVAL(outbuf, smb_flg2, FLAGS2_32_BIT_ERROR_CODES); diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 83293a5787..b6d2b82705 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -1085,8 +1085,7 @@ static file_fd_struct *fd_get_new(void) return fd_ptr; } } - DEBUG(1,("ERROR! Out of file_fd structures - perhaps increase MAX_OPEN_FILES?\ -n")); + DEBUG(1,("ERROR! Out of file_fd structures - perhaps increase MAX_OPEN_FILES?\n")); return 0; } |