From 7c29698e4182f034c0b8251be3bb9370cb35ec08 Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Thu, 15 Jul 1999 21:25:58 +0000 Subject: work-around for win95 NULL session bug: NULL password actually being placed in data stream before username / domain, whereas NT doesn't do this... (This used to be commit 44e6d4c1b0b6ae54e76e96471b40bb784c8b3c8c) --- source3/smbd/reply.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'source3') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b8300da40a..bb6e8654d3 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -609,7 +609,7 @@ user %s attempted down-level SMB connection\n", user)); passlen2 = 0; } - if(doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { + if (doencrypt || ((lp_security() == SEC_SERVER) || (lp_security() == SEC_DOMAIN))) { /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; memcpy(smb_apasswd,p,smb_apasslen); @@ -632,12 +632,22 @@ user %s attempted down-level SMB connection\n", user)); } } - p += passlen1 + passlen2; + if (passlen2 == 0 && smb_apasslen == 0 && ra_type == RA_WIN95) + { + /* work-around for win95 NULL sessions, where NULL password is + actually put in the data stream before the domain name etc */ + p++; + } + else + { + p += passlen1 + passlen2; + } + fstrcpy(user,p); p = skip_string(p,1); domain = p; DEBUG(3,("Domain=[%s] NativeOS=[%s] NativeLanMan=[%s]\n", - domain,skip_string(p,1),skip_string(p,2))); + domain, skip_string(p,1), skip_string(p,2))); } DEBUG(3,("sesssetupX:name=[%s]\n",user)); -- cgit