Always set a session key, even for the 'no password' case.

[kai/samba.git] / source4 / auth / ntlm / auth_sam.c

diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c
index 2c13cd963dc471635a8c36b721dc1affccf2f296..1b8233b8a49219b0eab4e3013bf4da789112fa28 100644 (file)
--- a/source4/auth/ntlm/auth_sam.c
+++ b/source4/auth/ntlm/auth_sam.c
@@ -156,6 +156,8 @@ static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
                if (lp_null_passwords(auth_context->lp_ctx)) {
                        DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", 
                                 user_info->mapped.account_name));
                if (lp_null_passwords(auth_context->lp_ctx)) {
                        DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", 
                                 user_info->mapped.account_name));

+                       *lm_sess_key = data_blob(NULL, 0);
+                       *user_sess_key = data_blob(NULL, 0);

                        return NT_STATUS_OK;
                } else {
                        DEBUG(3,("Account for user '%s' has no password and null passwords are NOT allowed.\n", 
                        return NT_STATUS_OK;
                } else {
                        DEBUG(3,("Account for user '%s' has no password and null passwords are NOT allowed.\n",