From fd69ebda26ab62333202de51d3e392af1978c544 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett
Date: Tue, 27 Dec 2011 19:39:32 +1100
Subject: s3-ntlmssp Remove unused ntlmssp_set_hashes() and do not set an invalid LM hash

When E_deshash() returns false, it indicates that the password is either > 14 chars in length, or could not be represented as an LM hash value for some other reason. In this case, we should not regard the LM hash being missing as an error or a no-password situation.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher
Autobuild-User: Stefan Metzmacher
Autobuild-Date: Fri Jan 6 14:59:13 CET 2012 on sn-devel-104
---
 source3/include/proto.h | 3 ---
 source3/libsmb/ntlmssp.c | 48 +++++++++++++++++++++---------------------------
 2 files changed, 21 insertions(+), 30 deletions(-)

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 7a7f60a765..9dcd334404 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1079,9 +1079,6 @@ bool get_dc_name(const char *domain,
 /* The following definitions come from libsmb/ntlmssp.c */
 struct ntlmssp_state;
 NTSTATUS ntlmssp_set_username(struct ntlmssp_state *ntlmssp_state, const char *user) ;
-NTSTATUS ntlmssp_set_hashes(struct ntlmssp_state *ntlmssp_state,
- const uint8_t lm_hash[16],
- const uint8_t nt_hash[16]) ;
 NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *password) ;
 NTSTATUS ntlmssp_set_domain(struct ntlmssp_state *ntlmssp_state, const char *domain) ;
 void ntlmssp_want_feature_list(struct ntlmssp_state *ntlmssp_state, char *feature_list);
diff --git a/source3/libsmb/ntlmssp.c b/source3/libsmb/ntlmssp.c
index 866ce9218b..989f26b458 100644
--- a/source3/libsmb/ntlmssp.c
+++ b/source3/libsmb/ntlmssp.c
@@ -108,42 +108,36 @@ NTSTATUS ntlmssp_set_username(struct ntlmssp_state *ntlmssp_state, const char *u
 return NT_STATUS_OK;
 }
-/**
- * Store NT and LM hashes on an NTLMSSP context - ensures they are talloc()ed
- *
- */
-NTSTATUS ntlmssp_set_hashes(struct ntlmssp_state *ntlmssp_state,
- const uint8_t lm_hash[16],
- const uint8_t nt_hash[16])
-{
- ntlmssp_state->lm_hash = (uint8_t *)
- talloc_memdup(ntlmssp_state, lm_hash, 16);
- ntlmssp_state->nt_hash = (uint8_t *)
- talloc_memdup(ntlmssp_state, nt_hash, 16);
- if (!ntlmssp_state->lm_hash || !ntlmssp_state->nt_hash) {
- TALLOC_FREE(ntlmssp_state->lm_hash);
- TALLOC_FREE(ntlmssp_state->nt_hash);
- return NT_STATUS_NO_MEMORY;
- }
- return NT_STATUS_OK;
-}
-
 /**
 * Converts a password to the hashes on an NTLMSSP context.
 *
 */
 NTSTATUS ntlmssp_set_password(struct ntlmssp_state *ntlmssp_state, const char *password)
 {
+ TALLOC_FREE(ntlmssp_state->lm_hash);
+ TALLOC_FREE(ntlmssp_state->nt_hash);
 if (!password) {
- ntlmssp_state->lm_hash = NULL;
- ntlmssp_state->nt_hash = NULL;
+ return NT_STATUS_OK;
 } else {
 uint8_t lm_hash[16];
 uint8_t nt_hash[16];
- E_deshash(password, lm_hash);
+ if (E_deshash(password, lm_hash)) {
+ ntlmssp_state->lm_hash = (uint8_t *)
+ talloc_memdup(ntlmssp_state, lm_hash, 16);
+ if (!ntlmssp_state->lm_hash) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ }
+
 E_md4hash(password, nt_hash);
- return ntlmssp_set_hashes(ntlmssp_state, lm_hash, nt_hash);
+
+ ntlmssp_state->nt_hash = (uint8_t *)
+ talloc_memdup(ntlmssp_state, nt_hash, 16);
+ if (!ntlmssp_state->nt_hash) {
+ TALLOC_FREE(ntlmssp_state->lm_hash);
+ return NT_STATUS_NO_MEMORY;
+ }
 }
 return NT_STATUS_OK;
 }
@@ -593,7 +587,7 @@ noccache:
 return NT_STATUS_INVALID_PARAMETER;
 }
- if (!ntlmssp_state->nt_hash || !ntlmssp_state->lm_hash) {
+ if (!ntlmssp_state->nt_hash) {
 static const uint8_t zeros[16] = {0, };
 /* do nothing - blobs are zero length */
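Review bot: The stack copies `lm_hash[16]` and `nt_hash[16]` in the else-branch of ntlmssp_set_password() are left intact on all three return paths, so password-equivalent hash material stays in the dead stack frame after the talloc copies are made. Clearing them before each return, e.g. `ZERO_STRUCT(lm_hash); ZERO_STRUCT(nt_hash);`, would limit what a later memory disclosure or core dump can reveal; a plain memset-style clear just before return can be elided by the optimizer, so a non-elidable wipe is preferable if the tree has one. The new `TALLOC_FREE()` calls at the top likewise release the previous hashes without scrubbing them first. The doc comment should also state that `lm_hash` may legitimately remain NULL after a successful call when E_deshash() returns false.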
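Review bot: With `if (!ntlmssp_state->nt_hash)` as the only test in the `@@ -593` hunk, a NULL nt_hash alone selects the zero-length-blob branch, and ntlmssp_set_password() leaves nt_hash NULL both for a NULL password and on its NT_STATUS_NO_MEMORY paths. The two cases are indistinguishable here, so if any caller ignores the returned status the exchange would presumably continue as a no-password login instead of failing; the callers are not visible on this page and should be checked. A comment on the condition would help the next reader, e.g. `/* no NT hash: no password was set; lm_hash may be NULL independently */`. The enclosing function starts and ends outside the hunk.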
@@ -657,7 +651,7 @@ noccache:
 dump_data_pw("NTLM2 session key:\n", session_key.data, session_key.length);
 } else {
 /* lanman auth is insecure, it may be disabled */
- if (lp_client_lanman_auth()) {
+ if (lp_client_lanman_auth() && ntlmssp_state->lm_hash) {
 lm_response = data_blob_talloc(ntlmssp_state, NULL, 24);
 SMBencrypt_hash(ntlmssp_state->lm_hash,challenge_blob.data,
@@ -670,7 +664,7 @@ noccache:
 session_key = data_blob_talloc(ntlmssp_state, NULL, 16);
 if ((ntlmssp_state->neg_flags & NTLMSSP_NEGOTIATE_LM_KEY)
- && lp_client_lanman_auth()) {
+ && lp_client_lanman_auth() && ntlmssp_state->lm_hash) {
 SMBsesskeygen_lm_sess_key(ntlmssp_state->lm_hash, lm_response.data, session_key.data);
 dump_data_pw("LM session key\n", session_key.data, session_key.length);
--
cgit
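Review bot: In the `@@ -670` hunk, adding `&& ntlmssp_state->lm_hash` means that when NTLMSSP_NEGOTIATE_LM_KEY was negotiated but no LM hash could be derived, the session key now comes from the fallback branch (outside the hunk) while `neg_flags` still carries the LM_KEY bit. Unless that flag is cleared elsewhere, the two sides may derive different session keys, and signing or sealing would then fail later with no hint as to why. Consider clearing the flag or logging at the point of fallback, e.g. `DEBUG(5, ("no LM hash available, not using LM session key\n"));`. The same silent fallback applies to the LM response guard in the `@@ -657` hunk. Both hunks cut through a function whose start and end are not shown.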