diff options
author | Tim Potter <tpot@samba.org> | 2002-11-29 01:12:15 +0000 |
---|---|---|
committer | Tim Potter <tpot@samba.org> | 2002-11-29 01:12:15 +0000 |
commit | 77c25dfbaae97802d5ca3258b874fe13d6270054 (patch) | |
tree | 22f4ffc519e02513b341fe70b36610c15461426b /source3/python/py_winbind.c | |
parent | 9fe17afefeca3576841dfee8bf05d71f1dac32cc (diff) | |
download | samba-77c25dfbaae97802d5ca3258b874fe13d6270054.tar.gz samba-77c25dfbaae97802d5ca3258b874fe13d6270054.tar.xz samba-77c25dfbaae97802d5ca3258b874fe13d6270054.zip |
Merge from HEAD:
>Added some extra code to test absence/presence of LM and NT passwords.
(This used to be commit 89a2ee7e72fef444632659af13feaf94d3f6e9ce)
Diffstat (limited to 'source3/python/py_winbind.c')
-rw-r--r-- | source3/python/py_winbind.c | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/source3/python/py_winbind.c b/source3/python/py_winbind.c index ef6bc06233..783ac54439 100644 --- a/source3/python/py_winbind.c +++ b/source3/python/py_winbind.c @@ -412,13 +412,18 @@ static PyObject *py_auth_plaintext(PyObject *self, PyObject *args) /* Challenge/response authentication */ -static PyObject *py_auth_crap(PyObject *self, PyObject *args) +static PyObject *py_auth_crap(PyObject *self, PyObject *args, PyObject *kw) { + static char *kwlist[] = + {"username", "password", "use_lm_hash", "use_nt_hash", NULL }; struct winbindd_request request; struct winbindd_response response; char *username, *password; + int use_lm_hash = 1, use_nt_hash = 1; - if (!PyArg_ParseTuple(args, "ss", &username, &password)) + if (!PyArg_ParseTupleAndKeywords( + args, kw, "ss|ii", kwlist, &username, &password, + &use_lm_hash, &use_nt_hash)) return NULL; ZERO_STRUCT(request); @@ -428,13 +433,17 @@ static PyObject *py_auth_crap(PyObject *self, PyObject *args) generate_random_buffer(request.data.auth_crap.chal, 8, False); - SMBencrypt((uchar *)password, request.data.auth_crap.chal, - (uchar *)request.data.auth_crap.lm_resp); - SMBNTencrypt((uchar *)password, request.data.auth_crap.chal, - (uchar *)request.data.auth_crap.nt_resp); + if (use_lm_hash) { + SMBencrypt((uchar *)password, request.data.auth_crap.chal, + (uchar *)request.data.auth_crap.lm_resp); + request.data.auth_crap.lm_resp_len = 24; + } - request.data.auth_crap.lm_resp_len = 24; - request.data.auth_crap.nt_resp_len = 24; + if (use_nt_hash) { + SMBNTencrypt((uchar *)password, request.data.auth_crap.chal, + (uchar *)request.data.auth_crap.nt_resp); + request.data.auth_crap.nt_resp_len = 24; + } if (winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response) != NSS_STATUS_SUCCESS) { |