diff options
author | Volker Lendecke <vl@samba.org> | 2011-01-14 05:14:22 -0700 |
---|---|---|
committer | Volker Lendecke <vlendec@samba.org> | 2011-01-17 16:30:11 +0100 |
commit | 9b94f3660531e7c5e4dc4345227f781910c54f79 (patch) | |
tree | 2017dfc380ae2fd4f7208563707c8e082c941600 /source3/auth/auth_winbind.c | |
parent | 3ecce7f2ee243eb1411e4aa8cb0648d118c1c364 (diff) | |
download | samba-9b94f3660531e7c5e4dc4345227f781910c54f79.tar.gz samba-9b94f3660531e7c5e4dc4345227f781910c54f79.tar.xz samba-9b94f3660531e7c5e4dc4345227f781910c54f79.zip |
s3: Make sure we call wbcAuthenticateUserEx correctly
There are cases where we fill in params.password.response.lm_data with non-NULL
where params.password.response.lm_length is 0. wbcAuthenticateUserEx does not
like that.
I haven't been able to reproduce this with smbclient yet, I've seen it with a
proprietary smb client implementation.
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Mon Jan 17 16:30:11 CET 2011 on sn-devel-104
Diffstat (limited to 'source3/auth/auth_winbind.c')
-rw-r--r-- | source3/auth/auth_winbind.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c index 603ec9b4109..9328b66fb50 100644 --- a/source3/auth/auth_winbind.c +++ b/source3/auth/auth_winbind.c @@ -39,6 +39,8 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, struct wbcAuthUserInfo *info = NULL; struct wbcAuthErrorInfo *err = NULL; + ZERO_STRUCT(params); + if (!user_info) { return NT_STATUS_INVALID_PARAMETER; } @@ -72,10 +74,18 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, auth_context->challenge.data, sizeof(params.password.response.challenge)); - params.password.response.nt_length = user_info->password.response.nt.length; - params.password.response.nt_data = user_info->password.response.nt.data; - params.password.response.lm_length = user_info->password.response.lanman.length; - params.password.response.lm_data = user_info->password.response.lanman.data; + if (user_info->password.response.nt.length != 0) { + params.password.response.nt_length = + user_info->password.response.nt.length; + params.password.response.nt_data = + user_info->password.response.nt.data; + } + if (user_info->password.response.lanman.length != 0) { + params.password.response.lm_length = + user_info->password.response.lanman.length; + params.password.response.lm_data = + user_info->password.response.lanman.data; + } /* we are contacting the privileged pipe */ become_root(); |