sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code

Merge from HEAD - allow "" as a domain in the NLTMv2 hash calculations. Fixes

Browse Source 
interop with clients not in our domain.

Andrew Bartlett
(This used to be commit 6aa3aba3db)
This commit is contained in:
Andrew Bartlett 2003-02-16 22:23:33 +00:00
parent 940fcdf095
commit 7f204e07ae
1 changed files with 22 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
source3/auth/auth_sam.c
View File

@ -184,7 +184,7 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
/* We have the NT MD4 hash challenge available - see if we can
use it (ie. does it exist in the smbpasswd file).
*/
DEBUG(4,("sam_password_ok: Checking NTLMv2 password\n"));
DEBUG(4,("sam_password_ok: Checking NTLMv2 password with domain [%s]\n", user_info->client_domain.str));
if (smb_pwd_check_ntlmv2( user_info->nt_resp,
nt_pw, auth_context->challenge,
user_info->smb_name.str,
@ -192,6 +192,16 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
user_sess_key))
{
return NT_STATUS_OK;
}
DEBUG(4,("sam_password_ok: Checking NTLMv2 password without a domain\n"));
if (smb_pwd_check_ntlmv2( user_info->nt_resp,
nt_pw, auth_context->challenge,
user_info->smb_name.str,
"",
user_sess_key))
{
return NT_STATUS_OK;
} else {
DEBUG(3,("sam_password_ok: NTLMv2 password check failed\n"));
return NT_STATUS_WRONG_PASSWORD;
@ -250,7 +260,7 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
/* This is for 'LMv2' authentication. almost NTLMv2 but limited to 24 bytes.
- related to Win9X, legacy NAS pass-though authentication
*/
DEBUG(4,("sam_password_ok: Checking LMv2 password\n"));
DEBUG(4,("sam_password_ok: Checking LMv2 password with domain %s\n", user_info->client_domain.str));
if (smb_pwd_check_ntlmv2( user_info->lm_resp,
nt_pw, auth_context->challenge,
user_info->smb_name.str,
@ -260,6 +270,16 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context,
return NT_STATUS_OK;
}
DEBUG(4,("sam_password_ok: Checking LMv2 password without a domain\n"));
if (smb_pwd_check_ntlmv2( user_info->lm_resp,
nt_pw, auth_context->challenge,
user_info->smb_name.str,
"",
user_sess_key))
{
return NT_STATUS_OK;
}
/* Apparently NT accepts NT responses in the LM field
- I think this is related to Win9X pass-though authentication
*/