[Samba] smbpasswd has password length problem with the 2.2.7 security patch
Chere Zhou
qzhou at isilon.com
Fri Dec 6 00:24:00 GMT 2002
I am using Samba 2.2.5, and the following patch Jerry outlined in his 2.2.7
release notes. I tested it against a W2k server (in mixed mode) which had a
simple one char admin password, and it worked fine. Recently I found that if the
password is longer than 1 char, using "smbpasswd -j dom -r svr -U admin", and
then input the password, I get NT_STATUS_LOGON_FAILURE. If I remove the patch,
or keep the password as just 1 char, smbpasswd works fine.

I know the patch was originally for 2.2.6. But since Jerry outlined a simple
one for older versions and 2.2.6, I only applied the simple patch as below.
Can somebody tell me what other changes I need to make for 2.2.5? Does anybody
have a similar problem?

The following is a snippet of Jerry's 2.2.7 release email:

Patch for Samba versions 2.2.2 to 2.2.6
---------------------------------------
The following patch applies cleanly to the above Samba versions
and will fix the vulnerability for sites that do not wish to upgrade
to 2.2.7 at this time.
--------------------------------cut here---------------------------------
---- libsmb/smbencrypt.c.orig Tue Nov 19 17:21:57 2002
+++ libsmb/smbencrypt.c Tue Nov 19 17:22:12 2002
@@ -63,7 +63,7 @@
if(len > 128)
len = 128;
/* Password must be converted to NT unicode - null terminated. */
- dos_struni2((char *)wpwd, (const char *)passwd, 256);
+ dos_struni2((char *)wpwd, (const char *)passwd, len);
/* Calculate length in bytes */
len = strlen_w((const smb_ucs2_t *)wpwd) * sizeof(int16);
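Review bot: The replaced argument on the `dos_struni2(...)` line now passes `len`, the value clamped by `if(len > 128) len = 128;`, as the conversion limit, but nothing in the hunk states whether that third argument is counted in bytes or in characters, or whether it has to leave room for the terminator that the comment above ("null terminated") requires. The following comment, "Calculate length in bytes", suggests `len` is not a byte count at that point, so a limit interpreted in bytes would cut the converted string short before `strlen_w` measures it, which would fit the report in this message of failures once the password is longer than one character. Please confirm the unit `dos_struni2` expects in each version the patch is meant for, state it in the comment, and include the declaration of `wpwd` in the context so the bound can be checked against the buffer size.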
-------------------------------cut here---------------------------------