From 299e16112d781ab8c24134c249e0259265a15fd4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 16 Feb 2007 13:40:11 +0000 Subject: r21383: More possible "security=share" fixes. If a client is sending LMv2 make sure we test with the password blob in the LM field as well as the NT field. Jeremy. (This used to be commit a6b55beae7ae0c70cf955d01f51f881f9f962910) --- source3/auth/auth_compat.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/auth/auth_compat.c') diff --git a/source3/auth/auth_compat.c b/source3/auth/auth_compat.c index 7b9802f7d4..13035eece2 100644 --- a/source3/auth/auth_compat.c +++ b/source3/auth/auth_compat.c @@ -109,6 +109,9 @@ BOOL password_ok(char *smb_name, DATA_BLOB password_blob) if (NT_STATUS_IS_OK(pass_check_smb(smb_name, get_session_workgroup(), null_password, password_blob, null_password, encrypted))) { return True; } + if (NT_STATUS_IS_OK(pass_check_smb(smb_name, get_session_workgroup(), password_blob, null_password, null_password, encrypted))) { + return True; + } } if (NT_STATUS_IS_OK(pass_check_smb(smb_name, lp_workgroup(), null_password, password_blob, null_password, encrypted))) { -- cgit