From 00f2691e1af2b71fab96c538de87401e78e91ca0 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 27 Apr 2016 01:44:56 +0200 Subject: [PATCH] s4:auth_anonymous: anonymous authentication doesn't allow a password MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit BUG: https://bugzilla.samba.org/show_bug.cgi?id=11847 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider Reviewed-by: Günther Deschner (cherry picked from commit d247dceaaab24b568425f2360e40f5e91be452cc) --- source4/auth/ntlm/auth_anonymous.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/source4/auth/ntlm/auth_anonymous.c b/source4/auth/ntlm/auth_anonymous.c index 28cbfe831ef..ab1aac2693f 100644 --- a/source4/auth/ntlm/auth_anonymous.c +++ b/source4/auth/ntlm/auth_anonymous.c @@ -41,6 +41,36 @@ static NTSTATUS anonymous_want_check(struct auth_method_context *ctx, return NT_STATUS_NOT_IMPLEMENTED; } + switch (user_info->password_state) { + case AUTH_PASSWORD_PLAIN: + if (user_info->password.plaintext != NULL && + strlen(user_info->password.plaintext) > 0) + { + return NT_STATUS_NOT_IMPLEMENTED; + } + break; + case AUTH_PASSWORD_HASH: + if (user_info->password.hash.lanman != NULL) { + return NT_STATUS_NOT_IMPLEMENTED; + } + if (user_info->password.hash.nt != NULL) { + return NT_STATUS_NOT_IMPLEMENTED; + } + break; + case AUTH_PASSWORD_RESPONSE: + if (user_info->password.response.lanman.length == 1) { + if (user_info->password.response.lanman.data[0] != '\0') { + return NT_STATUS_NOT_IMPLEMENTED; + } + } else if (user_info->password.response.lanman.length > 1) { + return NT_STATUS_NOT_IMPLEMENTED; + } + if (user_info->password.response.nt.length > 0) { + return NT_STATUS_NOT_IMPLEMENTED; + } + break; + } + return NT_STATUS_OK; } -- 2.34.1