[linux-cifs-client] International characters in username/password

Thu Apr 22 08:11:58 MDT 2010

On Thu, Apr 22, 2010 at 8:49 AM, Jeff Layton <jlayton at samba.org> wrote:
> On Thu, 22 Apr 2010 08:38:40 -0500
> Shirish Pargaonkar <shirishpargaonkar at gmail.com> wrote:
>
>> On Thu, Apr 22, 2010 at 7:28 AM, Jeff Layton <jlayton at samba.org> wrote:
>> > On Thu, 22 Apr 2010 10:58:03 +0100
>> > Alex Zeffertt <alex.zeffertt at eu.citrix.com> wrote:
>> >
>> >> Hi all,
>> >>
>> >> Does anybody know how to get "mount.cifs -ocredentials=path/to/file" to work
>> >> when there are international characters in the credentials file?
>> >>
>> >> I tested this with a password containing the £ (British pound) sign and I got
>> >> the following error:
>> >>
>> >>    mount error 13 = Permission denied
>> >>    Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)
>> >>
>> >> The credentials file appears to be UTF-8, with all the characters one byte wide
>> >> except for the "£" sign which is encoded as "0xc2 0xa3".
>> >>
>> >> I am using samba-client-3.0.33-3.15.el5_4.1 with linux-2.6.27 and Windows 2003
>> >> Server to host the share.
>> >>
>> >> Regards,
>> >>
>> >> Alex
>> >> _______________________________________________
>> >> linux-cifs-client mailing list
>> >> linux-cifs-client at lists.samba.org
>> >> https://lists.samba.org/mailman/listinfo/linux-cifs-client
>> >>
>> >
>> > mount.cifs and the kernel both pretty much treat the password as an
>> > opaque sequence of bytes and don't really care what character set
>> > they're in. The exception would be if you had a character with a NULL
>> > byte embedded in it, which would probably trick them into truncating
>> > the password. That doesn't sound like it's the case here.
>> >
>> > I think it's likely that the kernel routine that generates the NTLM

H>> > hashes in fs/cifs/smbencrypt.c is broken with respect to multibyte
>> > characters. It seems to expect ASCII passwords, but I don't 100%
>> > understand what it's doing at the moment.
>>
>> E_md4hash converts passwords to Unicode but I am not sure
>> whether it handles non-ascii characters in the password during conversion
>> and how.
>>
>
> The conversion to unicode seems to be very suspect (see _my_mbstowcs).
> It doesn't call into the NLS routines, for instance but rather converts
> each byte to a wide char using its own routine. This seems to be OK
> with ASCII, but it probably falls down with a multibyte UTF8 char.
>
> --
> Jeff Layton <jlayton at samba.org>
>

Have to investigate. I have used ! as one of the characters in the password.
Not sure whether it is multibyte or not.