Always set a session key, even for the 'no password' case.
authorAndrew Bartlett <abartlet@samba.org>
Fri, 8 Aug 2008 04:05:16 +0000 (14:05 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Fri, 8 Aug 2008 04:06:42 +0000 (14:06 +1000)
This is for bug 5664 reported by Tom <hto@arcor.de>.

Andrew Bartlett
(This used to be commit b345c9cf535af35c83da040ac965d9690dc802fe)

source4/auth/ntlm/auth_sam.c

index 2c13cd963dc471635a8c36b721dc1affccf2f296..1b8233b8a49219b0eab4e3013bf4da789112fa28 100644 (file)
@@ -156,6 +156,8 @@ static NTSTATUS authsam_password_ok(struct auth_context *auth_context,
                if (lp_null_passwords(auth_context->lp_ctx)) {
                        DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", 
                                 user_info->mapped.account_name));
+                       *lm_sess_key = data_blob(NULL, 0);
+                       *user_sess_key = data_blob(NULL, 0);
                        return NT_STATUS_OK;
                } else {
                        DEBUG(3,("Account for user '%s' has no password and null passwords are NOT allowed.\n",