CVS update: samba/source/libsmb

Andrew Bartlett abartlet at pcug.org.au
Sat Apr 6 11:50:33 EST 2002 

Jeremy Allison wrote:
> 
> Date:   Fri Apr  5 17:26:00 2002
> Author: jra
> 
> Update of /data/cvs/samba/source/libsmb
> In directory va:/tmp/cvs-serv6822/libsmb
> 
> Modified Files:
>       Tag: SAMBA_2_2
>         cliconnect.c
> Log Message:
> Always pass NT password as well as Lanman.
> Jeremy.
> 
> Revisions:
> cliconnect.c            1.2.4.20 => 1.2.4.21
>         http://www.samba.org/cgi-bin/cvsweb/samba/source/libsmb/cliconnect.c?r1=1.2.4.20&r2=1.2.4.21

Who is calling cli_full_connection() with an encrypted password?

If it wasn't for the 'security=server' case, even cli_session_setup()
would only deal with plaintext passwords.  As such the second paramater
is always ignored.  Furthermore, anyone sending an 'encrypted' password
to this function won't get anywhere, as it doesn't know the negprot
challange yet.

The correct fix is to rename the paramter as 'plaintext_password'.

(I had plans to clean this whole area up, but the 'security=server' case
kept getting in my way... )

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba-cvs mailing list