From 9d0f33a75bd99bd0e12ed5a0fb125902a8d8dc4c Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 14 Jan 2011 05:14:22 -0700 Subject: [PATCH] s3: Make sure we call wbcAuthenticateUserEx correctly There are cases where we fill in params.password.response.lm_data with non-NULL where params.password.response.lm_length is 0. wbcAuthenticateUserEx does not like that. I haven't been able to reproduce this with smbclient yet, I've seen it with a proprietary smb client implementation. Autobuild-User: Volker Lendecke Autobuild-Date: Mon Jan 17 16:30:11 CET 2011 on sn-devel-104 --- source3/auth/auth_wbc.c | 19 +++++++++++++++---- source3/auth/auth_winbind.c | 18 ++++++++++++++---- 2 files changed, 29 insertions(+), 8 deletions(-) diff --git a/source3/auth/auth_wbc.c b/source3/auth/auth_wbc.c index 6beec734565..c2ff4902fc7 100644 --- a/source3/auth/auth_wbc.c +++ b/source3/auth/auth_wbc.c @@ -59,6 +59,9 @@ static NTSTATUS check_wbc_security(const struct auth_context *auth_context, if (!user_info || !auth_context || !server_info) { return NT_STATUS_INVALID_PARAMETER; } + + ZERO_STRUCT(params); + /* Send off request */ DEBUG(10, ("Check auth for: [%s]", user_info->mapped.account_name)); @@ -91,10 +94,18 @@ static NTSTATUS check_wbc_security(const struct auth_context *auth_context, auth_context->challenge.data, sizeof(params.password.response.challenge)); - params.password.response.nt_length = user_info->password.response.nt.length; - params.password.response.nt_data = user_info->password.response.nt.data; - params.password.response.lm_length = user_info->password.response.lanman.length; - params.password.response.lm_data = user_info->password.response.lanman.data; + if (user_info->password.response.nt.length != 0) { + params.password.response.nt_length = + user_info->password.response.nt.length; + params.password.response.nt_data = + user_info->password.response.nt.data; + } + if (user_info->password.response.lanman.length != 0) { + params.password.response.lm_length = + user_info->password.response.lanman.length; + params.password.response.lm_data = + user_info->password.response.lanman.data; + } default: DEBUG(0,("user_info constructed for user '%s' was invalid - password_state=%u invalid.\n",user_info->mapped.account_name, user_info->password_state)); return NT_STATUS_INTERNAL_ERROR; diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c index 603ec9b4109..9328b66fb50 100644 --- a/source3/auth/auth_winbind.c +++ b/source3/auth/auth_winbind.c @@ -39,6 +39,8 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, struct wbcAuthUserInfo *info = NULL; struct wbcAuthErrorInfo *err = NULL; + ZERO_STRUCT(params); + if (!user_info) { return NT_STATUS_INVALID_PARAMETER; } @@ -72,10 +74,18 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context, auth_context->challenge.data, sizeof(params.password.response.challenge)); - params.password.response.nt_length = user_info->password.response.nt.length; - params.password.response.nt_data = user_info->password.response.nt.data; - params.password.response.lm_length = user_info->password.response.lanman.length; - params.password.response.lm_data = user_info->password.response.lanman.data; + if (user_info->password.response.nt.length != 0) { + params.password.response.nt_length = + user_info->password.response.nt.length; + params.password.response.nt_data = + user_info->password.response.nt.data; + } + if (user_info->password.response.lanman.length != 0) { + params.password.response.lm_length = + user_info->password.response.lanman.length; + params.password.response.lm_data = + user_info->password.response.lanman.data; + } /* we are contacting the privileged pipe */ become_root(); -- 2.11.4.GIT