}
-#ifdef DEBUG_PASSWORD
+#if DEBUG_PASSWORD
DEBUG(100,("Part password (P16) was |\n"));
dump_data(100, part_passwd, 16);
DEBUGADD(100,("Password from client was |\n"));
Note: The same code works with both NTLMv2 and LMv2.
****************************************************************************/
-static bool smb_pwd_check_ntlmv2(const DATA_BLOB *ntv2_response,
- const uchar *part_passwd,
+static bool smb_pwd_check_ntlmv2(TALLOC_CTX *mem_ctx,
+ const DATA_BLOB *ntv2_response,
+ const uint8_t *part_passwd,
const DATA_BLOB *sec_blob,
const char *user, const char *domain,
bool upper_case_domain, /* should the domain be transformed into upper case? */
DATA_BLOB *user_sess_key)
{
/* Finish the encryption of part_passwd. */
- uchar kr[16];
- uchar value_from_encryption[16];
- uchar client_response[16];
+ uint8_t kr[16];
+ uint8_t value_from_encryption[16];
+ uint8_t client_response[16];
DATA_BLOB client_key_data;
bool res;
if (part_passwd == NULL) {
DEBUG(10,("No password set - DISALLOWING access\n"));
- /* No password set - always False */
+ /* No password set - always false */
return false;
}
return false;
}
- client_key_data = data_blob(ntv2_response->data+16, ntv2_response->length-16);
+ client_key_data = data_blob_talloc(mem_ctx, ntv2_response->data+16, ntv2_response->length-16);
/*
todo: should we be checking this for anything? We can't for LMv2,
but for NTLMv2 it is meant to contain the current time etc.
memcpy(client_response, ntv2_response->data, sizeof(client_response));
if (!ntv2_owf_gen(part_passwd, user, domain, upper_case_domain, kr)) {
- return False;
+ return false;
}
SMBOWFencrypt_ntv2(kr, sec_blob, &client_key_data, value_from_encryption);
use it
*/
DEBUG(4,("ntlm_password_check: Checking NTLMv2 password with domain [%s]\n", client_domain));
- if (smb_pwd_check_ntlmv2( nt_response,
+ if (smb_pwd_check_ntlmv2(mem_ctx,
+ nt_response,
nt_pw, challenge,
client_username,
client_domain,
}
DEBUG(4,("ntlm_password_check: Checking NTLMv2 password with uppercased version of domain [%s]\n", client_domain));
- if (smb_pwd_check_ntlmv2( nt_response,
+ if (smb_pwd_check_ntlmv2(mem_ctx,
+ nt_response,
nt_pw, challenge,
client_username,
client_domain,
}
DEBUG(4,("ntlm_password_check: Checking NTLMv2 password without a domain\n"));
- if (smb_pwd_check_ntlmv2( nt_response,
+ if (smb_pwd_check_ntlmv2(mem_ctx,
+ nt_response,
nt_pw, challenge,
client_username,
"",
- related to Win9X, legacy NAS pass-though authentication
*/
DEBUG(4,("ntlm_password_check: Checking LMv2 password with domain %s\n", client_domain));
- if (smb_pwd_check_ntlmv2( lm_response,
+ if (smb_pwd_check_ntlmv2(mem_ctx,
+ lm_response,
nt_pw, challenge,
client_username,
client_domain,
- False,
+ false,
NULL)) {
return NT_STATUS_OK;
}
DEBUG(4,("ntlm_password_check: Checking LMv2 password with upper-cased version of domain %s\n", client_domain));
- if (smb_pwd_check_ntlmv2( lm_response,
+ if (smb_pwd_check_ntlmv2(mem_ctx,
+ lm_response,
nt_pw, challenge,
client_username,
client_domain,
}
DEBUG(4,("ntlm_password_check: Checking LMv2 password without a domain\n"));
- if (smb_pwd_check_ntlmv2( lm_response,
+ if (smb_pwd_check_ntlmv2(mem_ctx,
+ lm_response,
nt_pw, challenge,
client_username,
"",
git.samba.org / gd / samba / .git / commitdiff