* This also deals with the client passing in a "" domain */
if (!is_trusted_domain(domain) &&
- !strequal(domain, my_sam_name()))
+ !strequal(domain, my_sam_name()) &&
+ !strequal(domain, get_global_sam_name()))
{
if (lp_map_untrusted_to_domain())
domain = my_sam_name();
uint32 logon_parameters,
const uchar chal[8],
const uchar lm_interactive_pwd[16],
- const uchar nt_interactive_pwd[16],
- const uchar *dc_sess_key)
+ const uchar nt_interactive_pwd[16])
{
struct samr_Password lm_pwd;
struct samr_Password nt_pwd;
unsigned char local_lm_response[24];
unsigned char local_nt_response[24];
- unsigned char key[16];
-
- memcpy(key, dc_sess_key, 16);
if (lm_interactive_pwd)
memcpy(lm_pwd.hash, lm_interactive_pwd, sizeof(lm_pwd.hash));
if (nt_interactive_pwd)
memcpy(nt_pwd.hash, nt_interactive_pwd, sizeof(nt_pwd.hash));
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("key:"));
- dump_data(100, key, sizeof(key));
-
- DEBUG(100,("lm owf password:"));
- dump_data(100, lm_pwd.hash, sizeof(lm_pwd.hash));
-
- DEBUG(100,("nt owf password:"));
- dump_data(100, nt_pwd.hash, sizeof(nt_pwd.hash));
-#endif
-
- if (lm_interactive_pwd)
- arcfour_crypt(lm_pwd.hash, key, sizeof(lm_pwd.hash));
-
- if (nt_interactive_pwd)
- arcfour_crypt(nt_pwd.hash, key, sizeof(nt_pwd.hash));
-
-#ifdef DEBUG_PASSWORD
- DEBUG(100,("decrypt of lm owf password:"));
- dump_data(100, lm_pwd.hash, sizeof(lm_pwd));
-
- DEBUG(100,("decrypt of nt owf password:"));
- dump_data(100, nt_pwd.hash, sizeof(nt_pwd));
-#endif
-
if (lm_interactive_pwd)
SMBOWFencrypt(lm_pwd.hash, chal,
local_lm_response);
SMBOWFencrypt(nt_pwd.hash, chal,
local_nt_response);
- /* Password info paranoia */
- ZERO_STRUCT(key);
-
{
bool ret;
NTSTATUS nt_status;
- DATA_BLOB local_lm_blob;
- DATA_BLOB local_nt_blob;
+ DATA_BLOB local_lm_blob = data_blob_null;
+ DATA_BLOB local_nt_blob = data_blob_null;
if (lm_interactive_pwd) {
local_lm_blob = data_blob(local_lm_response,
if (!lower_username) {
return NT_STATUS_NO_MEMORY;
}
- strlower_m( lower_username );
+ if (!strlower_m( lower_username )) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
orig_dom_user = talloc_asprintf(mem_ctx,
"%s%c%s",
/* make sure we get the case of the username correct */
/* work around 'winbind use default domain = yes' */
- if ( !strchr_m( pw->pw_name, *lp_winbind_separator() ) ) {
+ if ( lp_winbind_use_default_domain() &&
+ !strchr_m( pw->pw_name, *lp_winbind_separator() ) ) {
char *domain;
/* split the domain and username into 2 strings */