summaryrefslogtreecommitdiff
path: root/source3/libsmb
diff options
context:
space:
mode:
Diffstat (limited to 'source3/libsmb')
-rw-r--r--source3/libsmb/cliconnect.c21
1 files changed, 12 insertions, 9 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index 66c1937504..ec1ec670ac 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -122,6 +122,7 @@ static struct tevent_req *cli_session_setup_lanman2_send(
uint16_t *vwv;
uint8_t *bytes;
char *tmp;
+ uint16_t sec_mode = cli_state_security_mode(cli);
req = tevent_req_create(mem_ctx, &state,
struct cli_session_setup_lanman2_state);
@@ -145,12 +146,12 @@ static struct tevent_req *cli_session_setup_lanman2_send(
/*
* if in share level security then don't send a password now
*/
- if (!(cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
+ if (!(sec_mode & NEGOTIATE_SECURITY_USER_LEVEL)) {
passlen = 0;
}
if (passlen > 0
- && (cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE)
+ && (sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE)
&& passlen != 24) {
/*
* Encrypted mode needed, and non encrypted password
@@ -169,7 +170,7 @@ static struct tevent_req *cli_session_setup_lanman2_send(
tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
return tevent_req_post(req, ev);
}
- } else if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE)
+ } else if ((sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE)
&& passlen == 24) {
/*
* Encrypted mode needed, and encrypted password
@@ -1976,6 +1977,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
{
char *p;
char *user2;
+ uint16_t sec_mode = cli_state_security_mode(cli);
if (user) {
user2 = talloc_strdup(talloc_tos(), user);
@@ -2016,7 +2018,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
return NT_STATUS_ACCESS_DENIED;
}
- if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0 &&
+ if ((sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0 &&
!lp_client_plaintext_auth() && (*pass)) {
DEBUG(1, ("Server requested LM password but 'client plaintext auth = no'"
" or 'client ntlmv2 auth = yes'\n"));
@@ -2037,13 +2039,13 @@ NTSTATUS cli_session_setup(struct cli_state *cli,
password at this point. The password is sent in the tree
connect */
- if ((cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) == 0)
+ if ((sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) == 0)
return cli_session_setup_plain(cli, user, "", workgroup);
/* if the server doesn't support encryption then we have to use
plaintext. The second password is ignored */
- if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0) {
+ if ((sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) == 0) {
if (!lp_client_plaintext_auth() && (*pass)) {
DEBUG(1, ("Server requested LM password but 'client plaintext auth = no'"
" or 'client ntlmv2 auth = yes'\n"));
@@ -2193,6 +2195,7 @@ struct tevent_req *cli_tcon_andx_create(TALLOC_CTX *mem_ctx,
uint16_t *vwv;
char *tmp = NULL;
uint8_t *bytes;
+ uint16_t sec_mode = cli_state_security_mode(cli);
*psmbreq = NULL;
@@ -2209,7 +2212,7 @@ struct tevent_req *cli_tcon_andx_create(TALLOC_CTX *mem_ctx,
}
/* in user level security don't send a password now */
- if (cli->sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) {
+ if (sec_mode & NEGOTIATE_SECURITY_USER_LEVEL) {
passlen = 1;
pass = "";
} else if (pass == NULL) {
@@ -2218,7 +2221,7 @@ struct tevent_req *cli_tcon_andx_create(TALLOC_CTX *mem_ctx,
goto access_denied;
}
- if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) &&
+ if ((sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) &&
*pass && passlen != 24) {
if (!lp_client_lanman_auth()) {
DEBUG(1, ("Server requested LANMAN password "
@@ -2235,7 +2238,7 @@ struct tevent_req *cli_tcon_andx_create(TALLOC_CTX *mem_ctx,
passlen = 24;
pass = (const char *)p24;
} else {
- if((cli->sec_mode & (NEGOTIATE_SECURITY_USER_LEVEL
+ if((sec_mode & (NEGOTIATE_SECURITY_USER_LEVEL
|NEGOTIATE_SECURITY_CHALLENGE_RESPONSE))
== 0) {
uint8_t *tmp_pass;