From cf9d07cc7d41627a59ea3bec5ba2b9eebb894ab5 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 29 Nov 1997 02:40:31 +0000 Subject: added a sent_oplock_break element to Files[] as a paranoia check so we can't sent a oplock break twice on the same file. changed some debug levels in the oplock code to level 0 so we can track down a bug zero the returned Files[] entry in find_free_file() don't try to overcome client bugs in the handling of non-encrypted passwords if in server level security mode added paranoid null termination of password buffers slight change to my ajt_panic() routine (This used to be commit e360c79c9cec681c4609783019749773d3e79386) --- source3/smbd/reply.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'source3/smbd/reply.c') diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 2c646d99f5..ec94ab0552 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -260,7 +260,6 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) int connection_num; uint16 vuid = SVAL(inbuf,smb_uid); int passlen = SVAL(inbuf,smb_vwv3); - BOOL doencrypt = SMBENCRYPT(); *service = *user = *password = *devicename = 0; @@ -279,7 +278,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize) password[passlen]=0; path = smb_buf(inbuf) + passlen; - if (!doencrypt || passlen != 24) { + if (passlen != 24) { if (strequal(password," ")) *password = 0; passlen = strlen(password); @@ -412,9 +411,10 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) } memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen); + smb_apasswd[smb_apasslen] = 0; pstrcpy(user,smb_buf(inbuf)+smb_apasslen); - if (lp_security() != SEC_SERVER && !doencrypt) { + if (!doencrypt && (lp_security() != SEC_SERVER)) { smb_apasslen = strlen(smb_apasswd); } } else { @@ -448,12 +448,14 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize) passlen1 = MIN(passlen1, MAX_PASS_LEN); passlen2 = MIN(passlen2, MAX_PASS_LEN); - if(doencrypt) { + if(doencrypt || (lp_security() == SEC_SERVER)) { /* Save the lanman2 password and the NT md4 password. */ smb_apasslen = passlen1; memcpy(smb_apasswd,p,smb_apasslen); + smb_apasswd[smb_apasslen] = 0; smb_ntpasslen = passlen2; memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen); + smb_ntpasswd[smb_ntpasslen] = 0; } else { /* both Win95 and WinNT stuff up the password lengths for non-encrypting systems. Uggh. -- cgit