From 9e745ada4cc89cbf01ce4604ddeb03983ff8389b Mon Sep 17 00:00:00 2001
From: Tim Potter <tpot@samba.org>
Date: Fri, 22 Nov 2002 06:51:14 +0000
Subject: Added some extra code to test absence/presence of LM and NT
 passwords. (This used to be commit 6f1d48555f53ea3b32a7b8a6cf0fc2e148c311b7)

---
 source3/python/py_winbind.c | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)

(limited to 'source3/python')

diff --git a/source3/python/py_winbind.c b/source3/python/py_winbind.c
index ef6bc06233..783ac54439 100644
--- a/source3/python/py_winbind.c
+++ b/source3/python/py_winbind.c
@@ -412,13 +412,18 @@ static PyObject *py_auth_plaintext(PyObject *self, PyObject *args)
 
 /* Challenge/response authentication */
 
-static PyObject *py_auth_crap(PyObject *self, PyObject *args)
+static PyObject *py_auth_crap(PyObject *self, PyObject *args, PyObject *kw)
 {
+	static char *kwlist[] = 
+		{"username", "password", "use_lm_hash", "use_nt_hash", NULL };
 	struct winbindd_request request;
 	struct winbindd_response response;
 	char *username, *password;
+	int use_lm_hash = 1, use_nt_hash = 1;
 
-	if (!PyArg_ParseTuple(args, "ss", &username, &password))
+	if (!PyArg_ParseTupleAndKeywords(
+		    args, kw, "ss|ii", kwlist, &username, &password, 
+		    &use_lm_hash, &use_nt_hash))
 		return NULL;
 
 	ZERO_STRUCT(request);
@@ -428,13 +433,17 @@ static PyObject *py_auth_crap(PyObject *self, PyObject *args)
 
 	generate_random_buffer(request.data.auth_crap.chal, 8, False);
         
-        SMBencrypt((uchar *)password, request.data.auth_crap.chal, 
-                   (uchar *)request.data.auth_crap.lm_resp);
-        SMBNTencrypt((uchar *)password, request.data.auth_crap.chal,
-                     (uchar *)request.data.auth_crap.nt_resp);
+	if (use_lm_hash) {
+		SMBencrypt((uchar *)password, request.data.auth_crap.chal, 
+			   (uchar *)request.data.auth_crap.lm_resp);
+		request.data.auth_crap.lm_resp_len = 24;
+	}
 
-        request.data.auth_crap.lm_resp_len = 24;
-        request.data.auth_crap.nt_resp_len = 24;
+	if (use_nt_hash) {
+		SMBNTencrypt((uchar *)password, request.data.auth_crap.chal,
+			     (uchar *)request.data.auth_crap.nt_resp);
+		request.data.auth_crap.nt_resp_len = 24;
+	}
 
 	if (winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response) 
 	    != NSS_STATUS_SUCCESS) {
-- 
cgit