[linux-cifs-client] Re: NTLM Response in the LM field...

Christopher R. Hertel crh at ubiqx.mn.org
Wed Dec 29 04:22:35 GMT 2004


On Wed, Dec 29, 2004 at 02:35:55PM +1100, Andrew Bartlett wrote:
> On Tue, 2004-12-28 at 21:30 -0600, Christopher R. Hertel wrote:
> > Regarding an earlier topic...
> > 
> > Regarding the use of the NTLM response in place of the LM Response when
> > the client has been instructed to *not* send the LM Response, I found this
> > comment in my own book:
> 
> > So...  It's probably not wrong for Samba to ignore the second password 
> > field (the NTLM or CaseSensitivePassword field) when in SECURITY=SERVER 
> > mode.  It's also safest if the client includes the NTLM response in both 
> > fields as Windows does.
> 
> Chris - it's just a bug, nothing more.  I've had it explained in great
> detail, and it's easily fixed.

I'm sure your fix will be a good one, but I'm also sure that there is
history here.  I've got too many small bits of evidence from old magazine
articles and other such.  Not that it's in any way critical, it's just
interesting stuff.

If/when I get the chance, I'll test this with some older Windows systems
to see what happens, but I'm fairly certain that some Windows flavors will
exhibit the same behavior.  Otherwise, why would Windows clients put the 
NTLM Response into both fields?

I do think it would be safest for CIFS VFS to do as the other clients do, 
and include the response in both fields.  That, in addition to your fix 
(which will serve to make Samba better...always a good thing).

Cheers,

Chris -)-----

-- 
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

