[SCM] Samba Shared Repository - branch v3-6-test updated

Volker Lendecke Mon, 17 Jan 2011 07:35:18 -0800

The branch, v3-6-test has been updated
       via  9d0f33a s3: Make sure we call wbcAuthenticateUserEx correctly
      from  7d63763 s3: Avoid a few calls to cli_errstr


http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -----------------------------------------------------------------
commit 9d0f33a75bd99bd0e12ed5a0fb125902a8d8dc4c
Author: Volker Lendecke <[email protected]>
Date:   Fri Jan 14 05:14:22 2011 -0700

    s3: Make sure we call wbcAuthenticateUserEx correctly
    
    There are cases where we fill in params.password.response.lm_data with 
non-NULL
    where params.password.response.lm_length is 0. wbcAuthenticateUserEx does 
not
    like that.
    
    I haven't been able to reproduce this with smbclient yet, I've seen it with 
a
    proprietary smb client implementation.
    
    Autobuild-User: Volker Lendecke <[email protected]>
    Autobuild-Date: Mon Jan 17 16:30:11 CET 2011 on sn-devel-104

-----------------------------------------------------------------------

Summary of changes:
 source3/auth/auth_wbc.c     |   19 +++++++++++++++----
 source3/auth/auth_winbind.c |   18 ++++++++++++++----
 2 files changed, 29 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/auth/auth_wbc.c b/source3/auth/auth_wbc.c
index 6beec73..c2ff490 100644
--- a/source3/auth/auth_wbc.c
+++ b/source3/auth/auth_wbc.c
@@ -59,6 +59,9 @@ static NTSTATUS check_wbc_security(const struct auth_context 
*auth_context,
        if (!user_info || !auth_context || !server_info) {
                return NT_STATUS_INVALID_PARAMETER;
        }
+
+       ZERO_STRUCT(params);
+
        /* Send off request */
 
        DEBUG(10, ("Check auth for: [%s]", user_info->mapped.account_name));
@@ -91,10 +94,18 @@ static NTSTATUS check_wbc_security(const struct 
auth_context *auth_context,
                    auth_context->challenge.data,
                    sizeof(params.password.response.challenge));
 
-               params.password.response.nt_length = 
user_info->password.response.nt.length;
-               params.password.response.nt_data = 
user_info->password.response.nt.data;
-               params.password.response.lm_length = 
user_info->password.response.lanman.length;
-               params.password.response.lm_data = 
user_info->password.response.lanman.data;
+               if (user_info->password.response.nt.length != 0) {
+                       params.password.response.nt_length =
+                               user_info->password.response.nt.length;
+                       params.password.response.nt_data =
+                               user_info->password.response.nt.data;
+               }
+               if (user_info->password.response.lanman.length != 0) {
+                       params.password.response.lm_length =
+                               user_info->password.response.lanman.length;
+                       params.password.response.lm_data =
+                               user_info->password.response.lanman.data;
+               }
        default:
                DEBUG(0,("user_info constructed for user '%s' was invalid - 
password_state=%u invalid.\n",user_info->mapped.account_name, 
user_info->password_state));
                return NT_STATUS_INTERNAL_ERROR;
diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c
index 603ec9b..9328b66 100644
--- a/source3/auth/auth_winbind.c
+++ b/source3/auth/auth_winbind.c
@@ -39,6 +39,8 @@ static NTSTATUS check_winbind_security(const struct 
auth_context *auth_context,
        struct wbcAuthUserInfo *info = NULL;
        struct wbcAuthErrorInfo *err = NULL;
 
+       ZERO_STRUCT(params);
+
        if (!user_info) {
                return NT_STATUS_INVALID_PARAMETER;
        }
@@ -72,10 +74,18 @@ static NTSTATUS check_winbind_security(const struct 
auth_context *auth_context,
               auth_context->challenge.data,
               sizeof(params.password.response.challenge));
 
-       params.password.response.nt_length      = 
user_info->password.response.nt.length;
-       params.password.response.nt_data        = 
user_info->password.response.nt.data;
-       params.password.response.lm_length      = 
user_info->password.response.lanman.length;
-       params.password.response.lm_data        = 
user_info->password.response.lanman.data;
+       if (user_info->password.response.nt.length != 0) {
+               params.password.response.nt_length =
+                       user_info->password.response.nt.length;
+               params.password.response.nt_data =
+                       user_info->password.response.nt.data;
+       }
+       if (user_info->password.response.lanman.length != 0) {
+               params.password.response.lm_length =
+                       user_info->password.response.lanman.length;
+               params.password.response.lm_data =
+                       user_info->password.response.lanman.data;
+       }
 
        /* we are contacting the privileged pipe */
        become_root();


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-6-test updated

Reply via email to