[jcifs] Passwords longer than 14 characters [PATCH]
crh at ubiqx.mn.org
Wed Apr 10 11:49:27 EST 2002
On Tue, Apr 09, 2002 at 09:01:24PM -0400, Allen, Michael B (RSCH) wrote:
> > In the above code, P14 would be null (0) padded. This may not be correct, so
> > the response computed by SmbSession.getPreNTLMResponse may not be correct.
> > But most servers would be using 0.12 or higher, so would accept the response
> > based on the results of SmbSession.getNTLMResponse. This is one reason why I
> > believe that the response computed by SmbSession.getPreNTLMResponse is
> > ignored if the server is running NT LM 0.12 or higher. Just conjecture
> > though.
> How very astute! This is a mistake in the spec. Origianally I tried spaces and it didn't work.
> If I used nulls it worked. So the Pre NT LM 0.12 hash is not ignored and it must be 0's or it
> will not work. This was corrected in the latest SNIA version.
The ENCRYPTION doc that Jeremy Allison put together says that nuls should
be used. I was just reading this last week and noticed that the Leach doc
said spaces, but both the SNIA doc (v1.0) and Jeremy's doc say nuls.
I guess this is a good opportunity to 'annotate' the Leach doc. :)
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the jcifs