Fix for null passwords being allowed bug.

Jeremy.
(This used to be commit d4d55488397832df35b558564c263a307b0bb629)

diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index da01cf4f37d9fbc0b014b35bdc7a9c7a382c25e5..2f720db9c1a24e86271ee78b4e57e8bfed3aa980 100644 (file)
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -514,10 +514,14 @@ BOOL pass_check_smb(char *user, char *domain,
                return(False);
        }
 
-       if (lm_pwd[0] == '\0' && (smb_pass->acct_ctrl & ACB_PWNOTREQ) && lp_null_passwords())
-       {
-               DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", smb_pass->smb_name));
-               return(True);
+       if (smb_pass->acct_ctrl & ACB_PWNOTREQ) {
+               if (lp_null_passwords()) {
+                       DEBUG(3,("Account for user '%s' has no password and null passwords are allowed.\n", smb_pass->smb_name));
+                       return(True);
+               } else {
+                       DEBUG(3,("Account for user '%s' has no password and null passwords are NOT allowed.\n", smb_pass->smb_name));
+                       return(False);
+               }               
        }
 
        if (smb_password_ok(smb_pass, chal, lm_pwd, nt_pwd))