[SCM] Samba Shared Repository - branch v4-0-test updated - release-4-0-0alpha5-238-gb345c9c

Andrew Bartlett abartlet at samba.org
Sat Aug 9 00:38:23 GMT 2008


On Fri, 2008-08-08 at 09:28 +0200, Stefan (metze) Metzmacher wrote:
> Andrew Bartlett wrote:
> > The branch, v4-0-test has been updated
> >        via  b345c9cf535af35c83da040ac965d9690dc802fe (commit)
> >        via  580cce9de38ddd9d59b272b58caadce528321d09 (commit)
> >       from  d0a128f35b259d4891edc68fc24aa04a6da7aab7 (commit)
> > 
> 
> Is it correct
> > 
> > - Log -----------------------------------------------------------------
> > commit b345c9cf535af35c83da040ac965d9690dc802fe
> > Author: Andrew Bartlett <abartlet at samba.org>
> > Date:   Fri Aug 8 14:05:16 2008 +1000
> > 
> >     Always set a session key, even for the 'no password' case.
> >     
> >     This is for bug 5664 reported by Tom <hto at arcor.de>.
> >     
> >     Andrew Bartlett
> > 
> > commit 580cce9de38ddd9d59b272b58caadce528321d09
> > Author: Andrew Bartlett <abartlet at samba.org>
> > Date:   Fri Aug 8 14:04:08 2008 +1000
> > 
> >     Clarify comment
> > 
> > -----------------------------------------------------------------------
> > 
> > Summary of changes:
> >  source/auth/ntlm/auth_sam.c |    2 ++
> >  source/auth/session.c       |    4 ++--
> >  2 files changed, 4 insertions(+), 2 deletions(-)
> > 
> > 
> > Changeset truncated at 500 lines:
> > 
> > diff --git a/source/auth/ntlm/auth_sam.c b/source/auth/ntlm/auth_sam.c
> > index 2c13cd9..1b8233b 100644
> > --- a/source/auth/ntlm/auth_sam.c
> > +++ b/source/auth/ntlm/auth_sam.c
> > @@ -156,6 +156,8 @@ static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
> >  		if (lp_null_passwords(auth_context->lp_ctx)) {
> >  			DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", 
> >  				 user_info->mapped.account_name));
> > +			*lm_sess_key = data_blob(NULL, 0);
> > +			*user_sess_key = data_blob(NULL, 0);
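Review bot: The two added assignments in the lp_null_passwords() branch return zero-length blobs with no comment saying that the length is deliberate, and a reader who expects a 16-byte key may take `data_blob(NULL, 0)` for a mistake. The DEBUG line just above shows that this branch accepts an account with no password, so a one-line comment above the assignments stating that there is no session key here and that both outputs are intentionally empty would help. It is also worth confirming that callers which later use *lm_sess_key or *user_sess_key treat a zero-length blob as "no key" rather than assuming a fixed length.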
> 
> Is this correct? Should it not be data_blob(NULL, 16)?
> 
> (But 0 zeros and 16 zeros might be the same for the crypto...
>  as the 8-byte DES key is the same as an 8-byte key padded with 8 zeros)

In this case, we have not checked the password - so there is no valid
session key, because we don't know what password they used.  

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com
