Samba PDC Login Problems (Located)
Simon Levitt
Simon.Levitt at uk.worldpay.com
Wed Oct 14 13:44:17 GMT 1998
Hiya,
We're tracking the CVS development of Samba, and have hit the Domain
login failures on versions for about a week now (We're using Samba as
our PDC).
Today I decided to investigate the problem further and have found some
things which may not be the whole problem, but are definately a
significant factor. The problem is only with Interactive Logins -
Normal share mounts are fine.
The problem I've found is rooted around the change in libsmb/smbdes.c
from revision 1.16 to 1.17 when the length of the Hash produced when
val == False reduced from 16 to 8 in SamOEMHash().
SamOEMHash() is used in rpc_server/srv_netlog.c:net_login_interactive()
which assumes it is producing 16 byte values (as the function used to
when passed False) and comparing the hash with the stored one (in
whatever form!). This is now failing (although the first 8 bytes are
matching) and thus returning STATUS_WRONG_PASSWORD the login.
Cheers,
Simon.,
BTW. I'm I just reading SamOEMHash() completely wrong or do the last
two for loops have the potential to completely blow the bounds of
s_box[]?
-----------------------------------------------------------------------
Simon Levitt, Consultant/Software Engineer @ WorldPay Ltd.,
Orwell House, Cowley Road, Cambridge, CB4 4WY, ENGLAND.
Simon.Levitt at uk.worldpay.com Ph:+44(0)1223 715151 F:+44(0)1223 715157
----------------------- http://www.worldpay.com/ ----------------------
More information about the samba-ntdom
mailing list