samba/patches/samba-3.0.24-share-security-ntlmv2.patch

Index: samba-3.0.24/source/auth/auth_compat.c
===================================================================
--- samba-3.0.24.orig/source/auth/auth_compat.c	2007-02-08 08:01:57.000000000 -0600
+++ samba-3.0.24/source/auth/auth_compat.c	2007-02-08 08:02:08.000000000 -0600
@@ -92,18 +92,25 @@
 check if a username/password pair is ok via the auth subsystem.
 return True if the password is correct, False otherwise
 ****************************************************************************/
+
 BOOL password_ok(char *smb_name, DATA_BLOB password_blob)
 {
 
 	DATA_BLOB null_password = data_blob(NULL, 0);
-	BOOL encrypted = (global_encrypted_passwords_negotiated && password_blob.length == 24);
+	BOOL encrypted = (global_encrypted_passwords_negotiated && (password_blob.length == 24 || password_blob.length > 46));
 	
 	if (encrypted) {
 		/* 
 		 * The password could be either NTLM or plain LM.  Try NTLM first, 
 		 * but fall-through as required.
-		 * NTLMv2 makes no sense here.
+		 * Vista sends NTLMv2 here - we need to try the client given workgroup.
 		 */
+		if (get_session_workgroup()) {
+			if (NT_STATUS_IS_OK(pass_check_smb(smb_name, get_session_workgroup(), null_password, password_blob, null_password, encrypted))) {
+				return True;
+			}
+		}
+
 		if (NT_STATUS_IS_OK(pass_check_smb(smb_name, lp_workgroup(), null_password, password_blob, null_password, encrypted))) {
 			return True;
 		}
@@ -119,5 +126,3 @@
 
 	return False;
 }
-
-
Index: samba-3.0.24/source/smbd/password.c
===================================================================
--- samba-3.0.24.orig/source/smbd/password.c	2007-02-08 08:01:42.000000000 -0600
+++ samba-3.0.24/source/smbd/password.c	2007-02-08 08:02:08.000000000 -0600
@@ -23,6 +23,8 @@
 /* users from session setup */
 static char *session_userlist = NULL;
 static int len_session_userlist = 0;
+/* workgroup from session setup. */
+static char *session_workgroup = NULL;
 
 /* this holds info on user ids that are already validated for this VC */
 static user_struct *validated_users;
@@ -406,6 +408,29 @@
 }
 
 /****************************************************************************
+ In security=share mode we need to store the client workgroup, as that's
+  what Vista uses for the NTLMv2 calculation.
+****************************************************************************/
+
+void add_session_workgroup(const char *workgroup)
+{
+	if (session_workgroup) {
+		SAFE_FREE(session_workgroup);
+	}
+	session_workgroup = smb_xstrdup(workgroup);
+}
+
+/****************************************************************************
+ In security=share mode we need to return the client workgroup, as that's
+  what Vista uses for the NTLMv2 calculation.
+****************************************************************************/
+
+const char *get_session_workgroup(void)
+{
+	return session_workgroup;
+}
+
+/****************************************************************************
  Check if a user is in a netgroup user list. If at first we don't succeed,
  try lower case.
 ****************************************************************************/
Index: samba-3.0.24/source/smbd/sesssetup.c
===================================================================
--- samba-3.0.24.orig/source/smbd/sesssetup.c	2007-02-08 08:01:38.000000000 -0600
+++ samba-3.0.24/source/smbd/sesssetup.c	2007-02-08 08:02:08.000000000 -0600
@@ -1035,6 +1035,7 @@
 
 		map_username(sub_user);
 		add_session_user(sub_user);
+		add_session_workgroup(domain);
 		/* Then force it to null for the benfit of the code below */
 		*user = 0;
 	}
1	Index: samba-3.0.24/source/auth/auth_compat.c
2	===================================================================
3	--- samba-3.0.24.orig/source/auth/auth_compat.c 2007-02-08 08:01:57.000000000 -0600
4	+++ samba-3.0.24/source/auth/auth_compat.c 2007-02-08 08:02:08.000000000 -0600
5	@@ -92,18 +92,25 @@
6	check if a username/password pair is ok via the auth subsystem.
7	return True if the password is correct, False otherwise
8	****************************************************************************/
9	+
10	BOOL password_ok(char *smb_name, DATA_BLOB password_blob)
11	{
12
13	DATA_BLOB null_password = data_blob(NULL, 0);
14	- BOOL encrypted = (global_encrypted_passwords_negotiated && password_blob.length == 24);
15	+ BOOL encrypted = (global_encrypted_passwords_negotiated && (password_blob.length == 24 \|\| password_blob.length > 46));
16
17	if (encrypted) {
18	/*
19	* The password could be either NTLM or plain LM. Try NTLM first,
20	* but fall-through as required.
21	- * NTLMv2 makes no sense here.
22	+ * Vista sends NTLMv2 here - we need to try the client given workgroup.
23	*/
24	+ if (get_session_workgroup()) {
25	+ if (NT_STATUS_IS_OK(pass_check_smb(smb_name, get_session_workgroup(), null_password, password_blob, null_password, encrypted))) {
26	+ return True;
27	+ }
28	+ }
29	+
30	if (NT_STATUS_IS_OK(pass_check_smb(smb_name, lp_workgroup(), null_password, password_blob, null_password, encrypted))) {
31	return True;
32	}
33	@@ -119,5 +126,3 @@
34
35	return False;
36	}
37	-
38	-
39	Index: samba-3.0.24/source/smbd/password.c
40	===================================================================
41	--- samba-3.0.24.orig/source/smbd/password.c 2007-02-08 08:01:42.000000000 -0600
42	+++ samba-3.0.24/source/smbd/password.c 2007-02-08 08:02:08.000000000 -0600
43	@@ -23,6 +23,8 @@
44	/* users from session setup */
45	static char *session_userlist = NULL;
46	static int len_session_userlist = 0;
47	+/* workgroup from session setup. */
48	+static char *session_workgroup = NULL;
49
50	/* this holds info on user ids that are already validated for this VC */
51	static user_struct *validated_users;
52	@@ -406,6 +408,29 @@
53	}
54
55	/****************************************************************************
56	+ In security=share mode we need to store the client workgroup, as that's
57	+ what Vista uses for the NTLMv2 calculation.
58	+****************************************************************************/
59	+
60	+void add_session_workgroup(const char *workgroup)
61	+{
62	+ if (session_workgroup) {
63	+ SAFE_FREE(session_workgroup);
64	+ }
65	+ session_workgroup = smb_xstrdup(workgroup);
66	+}
67	+
68	+/****************************************************************************
69	+ In security=share mode we need to return the client workgroup, as that's
70	+ what Vista uses for the NTLMv2 calculation.
71	+****************************************************************************/
72	+
73	+const char *get_session_workgroup(void)
74	+{
75	+ return session_workgroup;
76	+}
77	+
78	+/****************************************************************************
79	Check if a user is in a netgroup user list. If at first we don't succeed,
80	try lower case.
81	****************************************************************************/
82	Index: samba-3.0.24/source/smbd/sesssetup.c
83	===================================================================
84	--- samba-3.0.24.orig/source/smbd/sesssetup.c 2007-02-08 08:01:38.000000000 -0600
85	+++ samba-3.0.24/source/smbd/sesssetup.c 2007-02-08 08:02:08.000000000 -0600
86	@@ -1035,6 +1035,7 @@
87
88	map_username(sub_user);
89	add_session_user(sub_user);
90	+ add_session_workgroup(domain);
91	/* Then force it to null for the benfit of the code below */
92	*user = 0;
93	}