From f3826432fb14b1e10516afe9f6525aab7c1b720f Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 7 Jun 2004 22:17:51 +0000
Subject: r1080: Make sure to initialise all the returned elements in the
 SamLogon reply also initialise the LM session key, when we have it (was
 failing because the auth code was setting it's length wrong).

Andrew Bartlett
(This used to be commit de97d9df224f769953e850a276515923a830839c)
---
 source4/libcli/auth/ntlm_check.c | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

(limited to 'source4/libcli')

diff --git a/source4/libcli/auth/ntlm_check.c b/source4/libcli/auth/ntlm_check.c
index eab150ad4d..f101b230d4 100644
--- a/source4/libcli/auth/ntlm_check.c
+++ b/source4/libcli/auth/ntlm_check.c
@@ -326,10 +326,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 				   so use it only if we otherwise allow LM authentication */
 
 				if (lp_lanman_auth() && lm_pw) {
-					uint8_t first_8_lm_hash[16];
-					memcpy(first_8_lm_hash, lm_pw, 8);
-					memset(first_8_lm_hash + 8, '\0', 8);
-					*lm_sess_key = data_blob(first_8_lm_hash, 16);
+					*lm_sess_key = data_blob(lm_pw, 8);
 				}
 				return NT_STATUS_OK;
 			} else {
@@ -367,11 +364,17 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 		if (smb_pwd_check_ntlmv1(lm_response, 
 					 lm_pw, challenge,
 					 NULL)) {
-			uint8_t first_8_lm_hash[16];
-			memcpy(first_8_lm_hash, lm_pw, 8);
-			memset(first_8_lm_hash + 8, '\0', 8);
-			*user_sess_key = data_blob(first_8_lm_hash, 16);
-			*lm_sess_key = data_blob(first_8_lm_hash, 16);
+			/* The session key for this response is still very odd.  
+			   It not very secure, so use it only if we otherwise 
+			   allow LM authentication */
+
+			if (lp_lanman_auth() && lm_pw) {
+				uint8_t first_8_lm_hash[16];
+				memcpy(first_8_lm_hash, lm_pw, 8);
+				memset(first_8_lm_hash + 8, '\0', 8);
+				*user_sess_key = data_blob(first_8_lm_hash, 16);
+				*lm_sess_key = data_blob(lm_pw, 8);
+			}
 			return NT_STATUS_OK;
 		}
 	}
@@ -431,7 +434,7 @@ NTSTATUS ntlm_password_check(TALLOC_CTX *mem_ctx,
 				memcpy(first_8_lm_hash, lm_pw, 8);
 				memset(first_8_lm_hash + 8, '\0', 8);
 				*user_sess_key = data_blob(first_8_lm_hash, 16);
-				*lm_sess_key = data_blob(first_8_lm_hash, 16);
+				*lm_sess_key = data_blob(lm_pw, 8);
 			}
 			return NT_STATUS_OK;
 		}
-- 
cgit