summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_unix.c6
-rw-r--r--source3/auth/auth_util.c47
2 files changed, 31 insertions, 22 deletions
diff --git a/source3/auth/auth_unix.c b/source3/auth/auth_unix.c
index d456da1fdf..8c4a520350 100644
--- a/source3/auth/auth_unix.c
+++ b/source3/auth/auth_unix.c
@@ -98,13 +98,15 @@ NTSTATUS check_unix_security(const auth_usersupplied_info *user_info, auth_serve
update_smbpassword_file : NULL,
True);
+ unbecome_root();
+
if NT_STATUS_IS_OK(nt_status) {
if (pass) {
make_server_info_pw(server_info, pass);
+ } else {
+ nt_status = NT_STATUS_NO_SUCH_USER;
}
}
- unbecome_root();
-
return nt_status;
}
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 85f01605ab..9de8142578 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -282,9 +282,12 @@ BOOL make_user_info_netlogon_network(auth_usersupplied_info **user_info,
if (lm_pwd_len)
ntlmssp_flags |= NTLMSSP_NEGOTIATE_OEM;
- if (nt_pwd_len)
+ if (nt_pwd_len == 24) {
ntlmssp_flags |= NTLMSSP_NEGOTIATE_NTLM;
-
+ } else if (nt_pwd_len != 0) {
+ ntlmssp_flags |= NTLMSSP_NEGOTIATE_NTLM2;
+ }
+
ret = make_user_info_map(user_info,
smb_name, client_domain,
wksta_name, sec_blob,
@@ -303,15 +306,15 @@ BOOL make_user_info_netlogon_network(auth_usersupplied_info **user_info,
****************************************************************************/
BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info,
- char *smb_name,
- char *client_domain,
- char *wksta_name,
- uchar *lm_interactive_pwd, int lm_pwd_len,
- uchar *nt_interactive_pwd, int nt_pwd_len,
- uchar *dc_sess_key)
+ char *smb_name,
+ char *client_domain,
+ char *wksta_name,
+ uchar lm_interactive_pwd[16],
+ uchar nt_interactive_pwd[16],
+ uchar *dc_sess_key)
{
- char nt_pwd[16];
char lm_pwd[16];
+ char nt_pwd[16];
unsigned char local_lm_response[24];
unsigned char local_nt_response[24];
unsigned char key[16];
@@ -320,32 +323,32 @@ BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info,
generate_random_buffer(chal, 8, False);
- memset(key, 0, 16);
+ ZERO_STRUCT(key);
memcpy(key, dc_sess_key, 8);
- memcpy(lm_pwd, lm_interactive_pwd, 16);
- memcpy(nt_pwd, nt_interactive_pwd, 16);
+ if (lm_interactive_pwd) memcpy(lm_pwd, lm_interactive_pwd, sizeof(lm_pwd));
+ if (nt_interactive_pwd) memcpy(nt_pwd, nt_interactive_pwd, sizeof(nt_pwd));
#ifdef DEBUG_PASSWORD
DEBUG(100,("key:"));
- dump_data(100, (char *)key, 16);
+ dump_data(100, (char *)key, sizeof(key));
DEBUG(100,("lm owf password:"));
- dump_data(100, lm_pwd, 16);
+ dump_data(100, lm_pwd, sizeof(lm_pwd));
DEBUG(100,("nt owf password:"));
- dump_data(100, nt_pwd, 16);
+ dump_data(100, nt_pwd, sizeof(nt_pwd));
#endif
- SamOEMhash((uchar *)lm_pwd, key, 16);
- SamOEMhash((uchar *)nt_pwd, key, 16);
+ SamOEMhash((uchar *)lm_pwd, key, sizeof(lm_pwd));
+ SamOEMhash((uchar *)nt_pwd, key, sizeof(nt_pwd));
#ifdef DEBUG_PASSWORD
DEBUG(100,("decrypt of lm owf password:"));
- dump_data(100, lm_pwd, 16);
+ dump_data(100, lm_pwd, sizeof(lm_pwd));
DEBUG(100,("decrypt of nt owf password:"));
- dump_data(100, nt_pwd, 16);
+ dump_data(100, nt_pwd, sizeof(nt_pwd));
#endif
generate_random_buffer(chal, 8, False);
@@ -364,7 +367,11 @@ BOOL make_user_info_netlogon_interactive(auth_usersupplied_info **user_info,
DATA_BLOB local_nt_blob = data_blob(local_nt_response, sizeof(local_nt_response));
DATA_BLOB plaintext_blob = data_blob(NULL, 0);
- ntlmssp_flags = NTLMSSP_NEGOTIATE_OEM | NTLMSSP_NEGOTIATE_NTLM;
+ if (lm_interactive_pwd)
+ ntlmssp_flags |= NTLMSSP_NEGOTIATE_OEM;
+ if (nt_interactive_pwd)
+ ntlmssp_flags |= NTLMSSP_NEGOTIATE_NTLM;
+
ret = make_user_info_map(user_info,
smb_name, client_domain,
wksta_name, sec_blob,