diff options
| author | Andrew Tridgell <tridge@samba.org> | 2002-07-30 15:03:14 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2002-07-30 15:03:14 +0000 |
| commit | 9edc1cd4cfd3c02cfb1b867f8450384c446e8b60 (patch) | |
| tree | 4b041804db2b9e9da316f1137e5c6260ba5458a3 | |
| parent | 28f4463c8b6608dce02311ea7271fc983aa76d56 (diff) | |
| download | samba-9edc1cd4cfd3c02cfb1b867f8450384c446e8b60.tar.gz samba-9edc1cd4cfd3c02cfb1b867f8450384c446e8b60.tar.xz samba-9edc1cd4cfd3c02cfb1b867f8450384c446e8b60.zip | |
this fixes plaintext passwords with win2000
there were 2 bugs:
1) we were sending a null challenge when we should have sent an empty
challenge
2) the password can be in unicode if unicode is negotiated. This means
our client code was wrong too :(
(This used to be commit 1a6dfddf6788b30fc81794b1bfe749693183b2c1)
| -rw-r--r-- | source3/libsmb/cliconnect.c | 5 | ||||
| -rw-r--r-- | source3/smbd/negprot.c | 6 | ||||
| -rw-r--r-- | source3/smbd/sesssetup.c | 7 |
3 files changed, 10 insertions, 8 deletions
diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index d29a6115fb..93cf3d95db 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -206,12 +206,11 @@ static BOOL cli_session_setup_plaintext(struct cli_state *cli, char *user, SSVAL(cli->outbuf,smb_vwv3,2); SSVAL(cli->outbuf,smb_vwv4,cli->pid); SIVAL(cli->outbuf,smb_vwv5,cli->sesskey); - SSVAL(cli->outbuf,smb_vwv7,passlen); SSVAL(cli->outbuf,smb_vwv8,0); SIVAL(cli->outbuf,smb_vwv11,capabilities); p = smb_buf(cli->outbuf); - memcpy(p, pword, passlen); - p += passlen; + p += clistr_push(cli, p, pword, -1, STR_TERMINATE); /* password */ + SSVAL(cli->outbuf,smb_vwv7,PTR_DIFF(p, smb_buf(cli->outbuf))); p += clistr_push(cli, p, user, -1, STR_TERMINATE); /* username */ p += clistr_push(cli, p, workgroup, -1, STR_TERMINATE); /* workgroup */ p += clistr_push(cli, p, "Unix", -1, STR_TERMINATE); diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index abe44aac8c..d8aea624be 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -288,10 +288,12 @@ static int reply_nt1(char *inbuf, char *outbuf) if (!negotiate_spnego) { /* Create a token value and add it to the outgoing packet. */ if (global_encrypted_passwords_negotiated) { + /* note that we do not send a challenge at all if + we are using plaintext */ get_challenge(p); + SSVALS(outbuf,smb_vwv16+1,8); + p += 8; } - SSVALS(outbuf,smb_vwv16+1,8); - p += 8; p += srvstr_push(outbuf, p, global_myworkgroup, -1, STR_UNICODE|STR_TERMINATE|STR_NOALIGN); DEBUG(3,("not using SPNEGO\n")); diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 867b00ff5c..9d05e3f98a 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -699,9 +699,10 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf, lm_resp = data_blob(p, passlen1); nt_resp = data_blob(p+passlen1, passlen2); } else { - plaintext_password = data_blob(p, passlen1+1); - /* Ensure null termination */ - plaintext_password.data[passlen1] = 0; + pstring pass; + srvstr_pull_buf(inbuf, pass, smb_buf(inbuf), + sizeof(pass), STR_TERMINATE); + plaintext_password = data_blob(pass, strlen(pass)); } p += passlen1 + passlen2; |