diff options
author | Jeremy Allison <jra@samba.org> | 2003-10-24 01:19:23 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2003-10-24 01:19:23 +0000 |
commit | 2d09d8c9d973f5f414d31f749db12328ff315de7 (patch) | |
tree | 25be0296e270287b5242de8d60cf84ad9c2c232f /source | |
parent | 8a75e2dfb6ee9099e7f9a970c522e71ab144d919 (diff) | |
download | samba-2d09d8c9d973f5f414d31f749db12328ff315de7.tar.gz |
Andrew Bartlett patch to cope with Exchange 5.5 cleartext pop password auth.
Jeremy.
Diffstat (limited to 'source')
-rw-r--r-- | source/auth/auth_sam.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/source/auth/auth_sam.c b/source/auth/auth_sam.c index ce97bd7df26..2a00b6fb807 100644 --- a/source/auth/auth_sam.c +++ b/source/auth/auth_sam.c @@ -172,6 +172,22 @@ static NTSTATUS sam_password_ok(const struct auth_context *auth_context, pdb_get_username(sampass))); /* No return, we want to check the LM hash below in this case */ auth_flags &= (~(AUTH_FLAG_NTLMv2_RESP | AUTH_FLAG_NTLM_RESP)); + } else { + /* Check for cleartext netlogon. Used by Exchange 5.5. */ + unsigned char zeros[8]; + + memset(zeros,'\0',sizeof(zeros)); + if (auth_context->challenge.length == sizeof(zeros) && + (memcmp(auth_context->challenge.data, zeros, auth_context->challenge.length) == 0 ) && + user_info->nt_resp.length) { + if ((nt_pw = pdb_get_nt_passwd(sampass)) != NULL) { + unsigned char pwhash[16]; + mdfour(pwhash, user_info->nt_resp.data, user_info->nt_resp.length); + if (memcmp(pwhash, nt_pw, sizeof(pwhash)) == 0) { + return NT_STATUS_OK; + } + } + } } if (auth_flags & AUTH_FLAG_NTLMv2_RESP) { |