CVS update: samba/source/libsmb
Andrew Bartlett
abartlet at samba.org
Sat Sep 28 22:19:35 EST 2002
Volker Lendecke wrote:
>
> On Sat, Sep 28, 2002 at 09:58:38AM +1000, Andrew Bartlett wrote:
> > This patch looks wrong.
>
> Ok, the function was wrong before. The first cli_push_string is simply not
> needed. It was there before, I did not look closely enough to notice that it's
> redundant.
>
> > Why is the password being cli_push_string()ed twice, and why is it any
> > different to any other string in Samba (which gets made unicode
> > automaticly as required).
>
> cli_push_string calls push_string directly, simply passing though the 'flags'.
> These flags say which charset the target string is in. So the call to
> cli_push_string has to say itself whether there should be unicode on the wire
> or not. The problem I see here is that this might be samba-only behaviour. I do
> not know any proprietary server that does unicode and plaintext passwords.
But we push other strings onto the wire, like paths, shares, filenames
etc. These are all in ASCII or unicode based on the remote server's
capabilities, so why is this string any different?
As to 'no other servers do', simply hack up smbclient to ignore the
encrypted passwords bit, and test. Or use smbfilter to see how MS goes
with MS doing this. Or set Samba to 'encrypt passwords = no on the
server, and grab an NT4 client's sniffer trace).
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-cvs
mailing list