From 1baf91639919a96d305196da03e38097ed6ba46f Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 27 Dec 2011 21:30:49 +1100 Subject: [PATCH] credentials: Always honour the return value of E_deshash() When this returns false, the hash value is not correct as the password could not be converted into an uppercase, 14 char or less ASCII string. Andrew Bartlett --- auth/credentials/credentials_ntlm.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/auth/credentials/credentials_ntlm.c b/auth/credentials/credentials_ntlm.c index 7f4af4f08cd..2d6d6f6c55e 100644 --- a/auth/credentials/credentials_ntlm.c +++ b/auth/credentials/credentials_ntlm.c @@ -174,8 +174,7 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred lm_response = nt_response; /* LM Key is incompatible with 'long' passwords */ *flags &= ~CLI_CRED_LANMAN_AUTH; - } else { - E_deshash(password, lm_hash); + } else if (E_deshash(password, lm_hash)) { lm_session_key = data_blob_talloc(mem_ctx, NULL, 16); memcpy(lm_session_key.data, lm_hash, 8); memset(&lm_session_key.data[8], '\0', 8); @@ -193,8 +192,7 @@ _PUBLIC_ NTSTATUS cli_credentials_get_ntlm_response(struct cli_credentials *cred *flags &= ~CLI_CRED_LANMAN_AUTH; password = cli_credentials_get_password(cred); - if (password) { - E_deshash(password, lm_hash); + if (password && E_deshash(password, lm_hash)) { lm_session_key = data_blob_talloc(mem_ctx, NULL, 16); memcpy(lm_session_key.data, lm_hash, 8); memset(&lm_session_key.data[8], '\0', 8); -- 2.34.1