summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/libsmb/cliconnect.c5
-rw-r--r--source3/smbd/negprot.c6
-rw-r--r--source3/smbd/sesssetup.c7
3 files changed, 10 insertions, 8 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c
index d29a6115fb..93cf3d95db 100644
--- a/source3/libsmb/cliconnect.c
+++ b/source3/libsmb/cliconnect.c
@@ -206,12 +206,11 @@ static BOOL cli_session_setup_plaintext(struct cli_state *cli, char *user,
SSVAL(cli->outbuf,smb_vwv3,2);
SSVAL(cli->outbuf,smb_vwv4,cli->pid);
SIVAL(cli->outbuf,smb_vwv5,cli->sesskey);
- SSVAL(cli->outbuf,smb_vwv7,passlen);
SSVAL(cli->outbuf,smb_vwv8,0);
SIVAL(cli->outbuf,smb_vwv11,capabilities);
p = smb_buf(cli->outbuf);
- memcpy(p, pword, passlen);
- p += passlen;
+ p += clistr_push(cli, p, pword, -1, STR_TERMINATE); /* password */
+ SSVAL(cli->outbuf,smb_vwv7,PTR_DIFF(p, smb_buf(cli->outbuf)));
p += clistr_push(cli, p, user, -1, STR_TERMINATE); /* username */
p += clistr_push(cli, p, workgroup, -1, STR_TERMINATE); /* workgroup */
p += clistr_push(cli, p, "Unix", -1, STR_TERMINATE);
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index abe44aac8c..d8aea624be 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -288,10 +288,12 @@ static int reply_nt1(char *inbuf, char *outbuf)
if (!negotiate_spnego) {
/* Create a token value and add it to the outgoing packet. */
if (global_encrypted_passwords_negotiated) {
+ /* note that we do not send a challenge at all if
+ we are using plaintext */
get_challenge(p);
+ SSVALS(outbuf,smb_vwv16+1,8);
+ p += 8;
}
- SSVALS(outbuf,smb_vwv16+1,8);
- p += 8;
p += srvstr_push(outbuf, p, global_myworkgroup, -1,
STR_UNICODE|STR_TERMINATE|STR_NOALIGN);
DEBUG(3,("not using SPNEGO\n"));
diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c
index 867b00ff5c..9d05e3f98a 100644
--- a/source3/smbd/sesssetup.c
+++ b/source3/smbd/sesssetup.c
@@ -699,9 +699,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf,
lm_resp = data_blob(p, passlen1);
nt_resp = data_blob(p+passlen1, passlen2);
} else {
- plaintext_password = data_blob(p, passlen1+1);
- /* Ensure null termination */
- plaintext_password.data[passlen1] = 0;
+ pstring pass;
+ srvstr_pull_buf(inbuf, pass, smb_buf(inbuf),
+ sizeof(pass), STR_TERMINATE);
+ plaintext_password = data_blob(pass, strlen(pass));
}
p += passlen1 + passlen2;