git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5edcaec)
CVE-2018-1139 libcli/auth: fix debug messages in hash_password_check()
authorGünther Deschner <gd@samba.org>
Wed, 14 Mar 2018 14:36:05 +0000 (15:36 +0100)
committerKarolin Seeger <kseeger@samba.org>
Tue, 14 Aug 2018 11:57:15 +0000 (13:57 +0200)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13360

CVE-2018-1139: Weak authentication protocol allowed.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
libcli/auth/ntlm_check.c patch | blob | history

diff --git a/libcli/auth/ntlm_check.c b/libcli/auth/ntlm_check.c
index 3b02adc1d482a81ce29588ec3f756c1580ed113b..1c6499bd21087f6acc7b00352e72a545c52a74fe 100644 (file)
--- a/libcli/auth/ntlm_check.c
+++ b/libcli/auth/ntlm_check.c
@@ -224,7 +224,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
                             const struct samr_Password *stored_nt)
 {
        if (stored_nt == NULL) {
-               DEBUG(3,("ntlm_password_check: NO NT password stored for user %s.\n", 
+               DEBUG(3,("hash_password_check: NO NT password stored for user %s.\n",
                         username));
        }
 
@@ -232,14 +232,14 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
                if (memcmp(client_nt->hash, stored_nt->hash, sizeof(stored_nt->hash)) == 0) {
                        return NT_STATUS_OK;
                } else {
-                       DEBUG(3,("ntlm_password_check: Interactive logon: NT password check failed for user %s\n",
+                       DEBUG(3,("hash_password_check: Interactive logon: NT password check failed for user %s\n",
                                 username));
                        return NT_STATUS_WRONG_PASSWORD;
                }
 
        } else if (client_lanman && stored_lanman) {
                if (!lanman_auth) {
-                       DEBUG(3,("ntlm_password_check: Interactive logon: only LANMAN password supplied for user %s, and LM passwords are disabled!\n",
+                       DEBUG(3,("hash_password_check: Interactive logon: only LANMAN password supplied for user %s, and LM passwords are disabled!\n",
                                 username));
                        return NT_STATUS_WRONG_PASSWORD;
                }
@@ -250,7 +250,7 @@ NTSTATUS hash_password_check(TALLOC_CTX *mem_ctx,
                if (memcmp(client_lanman->hash, stored_lanman->hash, sizeof(stored_lanman->hash)) == 0) {
                        return NT_STATUS_OK;
                } else {
-                       DEBUG(3,("ntlm_password_check: Interactive logon: LANMAN password check failed for user %s\n",
+                       DEBUG(3,("hash_password_check: Interactive logon: LANMAN password check failed for user %s\n",
                                 username));
                        return NT_STATUS_WRONG_PASSWORD;
                }
Samba Shared Repository