git.samba.org
/
metze
/
samba
/
wip.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
5cfe949
)
s3-winbind Improve memory handling in NTLMv2-backend plaintext authentication
author
Andrew Bartlett
<abartlet@samba.org>
Fri, 10 Dec 2010 01:12:23 +0000
(12:12 +1100)
committer
Andrew Bartlett
<abartlet@samba.org>
Fri, 10 Dec 2010 05:09:06 +0000
(16:09 +1100)
Andrew Bartlett
source3/winbindd/winbindd_pam.c
patch
|
blob
|
history
diff --git
a/source3/winbindd/winbindd_pam.c
b/source3/winbindd/winbindd_pam.c
index 23ffb87b7e09416e8019944b02800f6af6e86a81..7ec0bff9a77f8362937573c00023d96400f1addc 100644
(file)
--- a/
source3/winbindd/winbindd_pam.c
+++ b/
source3/winbindd/winbindd_pam.c
@@
-1166,36
+1166,25
@@
static NTSTATUS winbindd_dual_pam_auth_samlogon(struct winbindd_domain *domain,
if (lp_client_ntlmv2_auth()) {
DATA_BLOB server_chal;
DATA_BLOB names_blob;
if (lp_client_ntlmv2_auth()) {
DATA_BLOB server_chal;
DATA_BLOB names_blob;
- DATA_BLOB nt_response;
- DATA_BLOB lm_response;
- server_chal = data_blob_talloc(state->mem_ctx, chal, 8);
+ server_chal = data_blob_const(chal, 8);
- /* note that the 'workgroup' here is
a best guess - we don't know
- the server's domain at this point. The 'server name' is also
-
dodgy..
.
+ /* note that the 'workgroup' here is
for the local
+ machine. The 'server name' must match the
+
'workstation' passed to the actual SamLogon call
.
*/
names_blob = NTLMv2_generate_names_blob(state->mem_ctx, global_myname(), lp_workgroup());
*/
names_blob = NTLMv2_generate_names_blob(state->mem_ctx, global_myname(), lp_workgroup());
- if (!SMBNTLMv2encrypt(
NULL
, name_user, name_domain,
+ if (!SMBNTLMv2encrypt(
state->mem_ctx
, name_user, name_domain,
state->request->data.auth.pass,
&server_chal,
&names_blob,
state->request->data.auth.pass,
&server_chal,
&names_blob,
- &lm_resp
onse, &nt_response
, NULL, NULL)) {
+ &lm_resp
, &nt_resp
, NULL, NULL)) {
data_blob_free(&names_blob);
data_blob_free(&names_blob);
- data_blob_free(&server_chal);
DEBUG(0, ("winbindd_pam_auth: SMBNTLMv2encrypt() failed!\n"));
result = NT_STATUS_NO_MEMORY;
goto done;
}
data_blob_free(&names_blob);
DEBUG(0, ("winbindd_pam_auth: SMBNTLMv2encrypt() failed!\n"));
result = NT_STATUS_NO_MEMORY;
goto done;
}
data_blob_free(&names_blob);
- data_blob_free(&server_chal);
- lm_resp = data_blob_talloc(state->mem_ctx, lm_response.data,
- lm_response.length);
- nt_resp = data_blob_talloc(state->mem_ctx, nt_response.data,
- nt_response.length);
- data_blob_free(&lm_response);
- data_blob_free(&nt_response);
-
} else {
lm_resp = data_blob_null;
SMBNTencrypt(state->request->data.auth.pass,
} else {
lm_resp = data_blob_null;
SMBNTencrypt(state->request->data.auth.pass,