svn commit: samba r18008 - in branches: SAMBA_3_0/source/libsmb
SAMBA_3_0_23/source/libsmb
vlendec at samba.org
vlendec at samba.org
Sat Sep 2 21:41:28 GMT 2006
Author: vlendec
Date: 2006-09-02 21:41:28 +0000 (Sat, 02 Sep 2006)
New Revision: 18008
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18008
Log:
Ok, same fix as before. But this time also allocate the session key. This had
worked in one test, no idea what memory I've overwritten that time. This time
it survives the unpatched w2k password change.
Volker
Modified:
branches/SAMBA_3_0/source/libsmb/ntlmssp.c
branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c
Changeset:
Modified: branches/SAMBA_3_0/source/libsmb/ntlmssp.c
===================================================================
--- branches/SAMBA_3_0/source/libsmb/ntlmssp.c 2006-09-02 20:17:05 UTC (rev 18007)
+++ branches/SAMBA_3_0/source/libsmb/ntlmssp.c 2006-09-02 21:41:28 UTC (rev 18008)
@@ -813,16 +813,25 @@
if (lm_session_key.data && lm_session_key.length >= 8) {
if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+ if (session_key.data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state->lm_resp.data,
session_key.data);
DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
- dump_data_pw("LM session key:\n", session_key.data, session_key.length);
} else {
- /* use the key unmodified - it's
- * probably a NULL key from the guest
- * login */
- session_key = lm_session_key;
+ static const uint8 zeros[24] = { 0, };
+ session_key = data_blob_talloc(
+ ntlmssp_state->mem_ctx, NULL, 16);
+ if (session_key.data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ SMBsesskeygen_lm_sess_key(
+ lm_session_key.data, zeros,
+ session_key.data);
}
+ dump_data_pw("LM session key:\n", session_key.data,
+ session_key.length);
} else {
DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM session key.\n"));
session_key = data_blob(NULL, 0);
Modified: branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c
===================================================================
--- branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c 2006-09-02 20:17:05 UTC (rev 18007)
+++ branches/SAMBA_3_0_23/source/libsmb/ntlmssp.c 2006-09-02 21:41:28 UTC (rev 18008)
@@ -746,16 +746,25 @@
if (lm_session_key.data && lm_session_key.length >= 8) {
if (ntlmssp_state->lm_resp.data && ntlmssp_state->lm_resp.length == 24) {
session_key = data_blob_talloc(ntlmssp_state->mem_ctx, NULL, 16);
+ if (session_key.data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
SMBsesskeygen_lm_sess_key(lm_session_key.data, ntlmssp_state->lm_resp.data,
session_key.data);
DEBUG(10,("ntlmssp_server_auth: Created NTLM session key.\n"));
- dump_data_pw("LM session key:\n", session_key.data, session_key.length);
} else {
- /* use the key unmodified - it's
- * probably a NULL key from the guest
- * login */
- session_key = lm_session_key;
+ static const uint8 zeros[24] = { 0, };
+ session_key = data_blob_talloc(
+ ntlmssp_state->mem_ctx, NULL, 16);
+ if (session_key.data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ SMBsesskeygen_lm_sess_key(
+ lm_session_key.data, zeros,
+ session_key.data);
}
+ dump_data_pw("LM session key:\n", session_key.data,
+ session_key.length);
} else {
DEBUG(10,("ntlmssp_server_auth: Failed to create NTLM session key.\n"));
session_key = data_blob(NULL, 0);
More information about the samba-cvs
mailing list