From: Andrew Bartlett <abartlet@samba.org>
Date: Fri, 30 Jul 2004 11:14:47 +0000 (+0000)
Subject: r1612: Fix bug #1571 found by Guenter Kukkukk <guenter.kukkukk@kukkukk.com>
X-Git-Tag: samba-misc-tags/initial-v3-0-unstable~5944
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3baa4ef6c58eb13bec1a8ddb1561a504f4a16107;p=thirdparty%2Fsamba.git

r1612: Fix bug #1571 found by Guenter Kukkukk <guenter.kukkukk@kukkukk.com>

(Botched LANMAN2 session setup code)

Andrew Bartlett
---

diff --git a/source/libsmb/cliconnect.c b/source/libsmb/cliconnect.c
index ce404e1b9e1..559538aac9b 100644
--- a/source/libsmb/cliconnect.c
+++ b/source/libsmb/cliconnect.c
@@ -81,7 +81,10 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, const char *user,
 	if (passlen > 0 && (cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && passlen != 24) {
 		/* Encrypted mode needed, and non encrypted password supplied. */
 		lm_response = data_blob(NULL, 24);
-		SMBencrypt(pass, cli->secblob.data,(uchar *)lm_response.data);
+		if (!SMBencrypt(pass, cli->secblob.data,(uchar *)lm_response.data)) {
+			DEBUG(1, ("Password is > 14 chars in length, and is therefore incompatible with Lanman authentication\n"));
+			return False;
+		}
 	} else if ((cli->sec_mode & NEGOTIATE_SECURITY_CHALLENGE_RESPONSE) && passlen == 24) {
 		/* Encrypted mode needed, and encrypted password supplied. */
 		lm_response = data_blob(pass, passlen);
@@ -106,7 +109,7 @@ static BOOL cli_session_setup_lanman2(struct cli_state *cli, const char *user,
 
 	p = smb_buf(cli->outbuf);
 	memcpy(p,lm_response.data,lm_response.length);
-	p += passlen;
+	p += lm_response.length;
 	p += clistr_push(cli, p, user, -1, STR_TERMINATE|STR_UPPER);
 	p += clistr_push(cli, p, workgroup, -1, STR_TERMINATE|STR_UPPER);
 	p += clistr_push(cli, p, "Unix", -1, STR_TERMINATE);