[linux-cifs-client] International characters in username/password

Steve French smfrench at gmail.com
Thu Apr 22 09:28:05 MDT 2010


On Thu, Apr 22, 2010 at 9:11 AM, Shirish Pargaonkar
<shirishpargaonkar at gmail.com> wrote:
> On Thu, Apr 22, 2010 at 8:49 AM, Jeff Layton <jlayton at samba.org> wrote:
>> On Thu, 22 Apr 2010 08:38:40 -0500
>> Shirish Pargaonkar <shirishpargaonkar at gmail.com> wrote:
>>
>>> On Thu, Apr 22, 2010 at 7:28 AM, Jeff Layton <jlayton at samba.org> wrote:
>>> > On Thu, 22 Apr 2010 10:58:03 +0100
>>> > Alex Zeffertt <alex.zeffertt at eu.citrix.com> wrote:
>>> >
>>> >> Hi all,
>>> >>
>>> >> Does anybody know how to get "mount.cifs -ocredentials=path/to/file" to work
>>> >> when there are international characters in the credentials file?
>>> >>
>>> >> I tested this with a password containing the £ (British pound) sign and I got
>>> >> the following error:
>>> >>
>>> >>    mount error 13 = Permission denied
>>> >>    Refer to the mount.cifs(8) manual page (e.g.man mount.cifs)
>>> >>
>>> >> The credentials file appears to be UTF-8, with all the characters one byte wide
>>> >> except for the "£" sign which is encoded as "0xc2 0xa3".
>>> >>
>>> >> I am using samba-client-3.0.33-3.15.el5_4.1 with linux-2.6.27 and Windows 2003
>>> >> Server to host the share.
>>> >>
>>> >> Regards,
>>> >>
>>> >> Alex
>>> >> _______________________________________________
>>> >> linux-cifs-client mailing list
>>> >> linux-cifs-client at lists.samba.org
>>> >> https://lists.samba.org/mailman/listinfo/linux-cifs-client
>>> >>
>>> >
>>> > mount.cifs and the kernel both pretty much treat the password as an
>>> > opaque sequence of bytes and don't really care what character set
>>> > they're in. The exception would be if you had a character with a NULL
>>> > byte embedded in it, which would probably trick them into truncating
>>> > the password. That doesn't sound like it's the case here.
>>> >
>>> > I think it's likely that the kernel routine that generates the NTLM
>
> H>> > hashes in fs/cifs/smbencrypt.c is broken with respect to multibyte
>>> > characters. It seems to expect ASCII passwords, but I don't 100%
>>> > understand what it's doing at the moment.
>>>
>>> E_md4hash converts passwords to Unicode but I am not sure
>>> whether it handles non-ascii characters in the password during conversion
>>> and how.
>>>
>>
>> The conversion to unicode seems to be very suspect (see _my_mbstowcs).
>> It doesn't call into the NLS routines, for instance but rather converts
>> each byte to a wide char using its own routine. This seems to be OK
>> with ASCII, but it probably falls down with a multibyte UTF8 char.
>>
>> --
>> Jeff Layton <jlayton at samba.org>
>>
>
> Have to investigate. I have used ! as one of the characters in the password.
> Not sure whether it is multibyte or not.

No - that is not multibyte, it is 0x21.  Try one from the list encoded
at 0x100 and above

http://www.utf8-chartable.de/unicode-utf8-table.pl?start=256



-- 
Thanks,

Steve


More information about the linux-cifs-client mailing list