|
Lines 161-168
Link Here
|
| 161 |
#define min(A,B) (A<B?A:B) |
161 |
#define min(A,B) (A<B?A:B) |
| 162 |
|
162 |
|
| 163 |
int ntlm_errno; |
163 |
int ntlm_errno; |
| 164 |
static char credentials[1024]; /* we can afford to waste */ |
164 |
#define MAX_USERNAME_LEN 255 |
| 165 |
|
165 |
#define MAX_DOMAIN_LEN 255 |
|
|
166 |
#define MAX_PASSWD_LEN 31 |
| 167 |
static char credentials[MAX_USERNAME_LEN+MAX_DOMAIN_LEN+2]; /* we can afford to waste */ |
| 166 |
|
168 |
|
| 167 |
/* Fetches the user's credentials from the challenge. |
169 |
/* Fetches the user's credentials from the challenge. |
| 168 |
* Returns NULL if domain or user is not defined |
170 |
* Returns NULL if domain or user is not defined |
|
Lines 197-203
Link Here
|
| 197 |
ntlm_check_auth(ntlm_authenticate * auth, int auth_length) |
199 |
ntlm_check_auth(ntlm_authenticate * auth, int auth_length) |
| 198 |
{ |
200 |
{ |
| 199 |
int rv; |
201 |
int rv; |
| 200 |
char pass[25] /*, encrypted_pass[40] */; |
202 |
char pass[MAX_PASSWD_LEN+1]; |
| 201 |
char *domain = credentials; |
203 |
char *domain = credentials; |
| 202 |
char *user; |
204 |
char *user; |
| 203 |
lstring tmp; |
205 |
lstring tmp; |
|
Lines 215-222
Link Here
|
| 215 |
ntlm_errno = NTLM_LOGON_ERROR; |
217 |
ntlm_errno = NTLM_LOGON_ERROR; |
| 216 |
return NULL; |
218 |
return NULL; |
| 217 |
} |
219 |
} |
|
|
220 |
if (tmp.l > MAX_DOMAIN_LEN) { |
| 221 |
debug("Domain string exceeds %d bytes, rejecting\n", MAX_DOMAIN_LEN); |
| 222 |
ntlm_errno = NTLM_LOGON_ERROR; |
| 223 |
return NULL; |
| 224 |
} |
| 218 |
memcpy(domain, tmp.str, tmp.l); |
225 |
memcpy(domain, tmp.str, tmp.l); |
| 219 |
user = domain + tmp.l; |
226 |
user = domain + tmp.l + 1; |
| 220 |
*user++ = '\0'; |
227 |
*user++ = '\0'; |
| 221 |
|
228 |
|
| 222 |
/* debug("fetching user name\n"); */ |
229 |
/* debug("fetching user name\n"); */ |
|
Lines 226-231
Link Here
|
| 226 |
ntlm_errno = NTLM_LOGON_ERROR; |
233 |
ntlm_errno = NTLM_LOGON_ERROR; |
| 227 |
return NULL; |
234 |
return NULL; |
| 228 |
} |
235 |
} |
|
|
236 |
if (tmp.l > MAX_USERNAME_LEN) { |
| 237 |
debug("Username string exceeds %d bytes, rejecting\n", MAX_USERNAME_LEN); |
| 238 |
ntlm_errno = NTLM_LOGON_ERROR; |
| 239 |
return NULL; |
| 240 |
} |
| 229 |
memcpy(user, tmp.str, tmp.l); |
241 |
memcpy(user, tmp.str, tmp.l); |
| 230 |
*(user + tmp.l) = '\0'; |
242 |
*(user + tmp.l) = '\0'; |
| 231 |
|
243 |
|
|
Lines 237-245
Link Here
|
| 237 |
ntlm_errno = NTLM_LOGON_ERROR; |
249 |
ntlm_errno = NTLM_LOGON_ERROR; |
| 238 |
return NULL; |
250 |
return NULL; |
| 239 |
} |
251 |
} |
|
|
252 |
if (tmp.l > MAX_PASSWD_LEN) { |
| 253 |
debug("Password string exceeds %d bytes, rejecting\n", MAX_PASSWD_LEN); |
| 254 |
ntlm_errno = NTLM_LOGON_ERROR; |
| 255 |
return NULL; |
| 256 |
} |
| 240 |
|
257 |
|
| 241 |
memcpy(pass, tmp.str, tmp.l); |
258 |
memcpy(pass, tmp.str, tmp.l); |
| 242 |
pass[25] = '\0'; |
259 |
pass[min(MAX_PASSWD_LEN,tmp.l)] = '\0'; |
| 243 |
|
260 |
|
| 244 |
#if 1 |
261 |
#if 1 |
| 245 |
debug ("Empty LM pass detection: user: '%s', ours:'%s', his: '%s'" |
262 |
debug ("Empty LM pass detection: user: '%s', ours:'%s', his: '%s'" |
