Win 95 Problems

Michael Stockman pgmtekn at algonet.se
Tue Jul 6 23:11:00 GMT 1999


Hello,

The reason for the problems with samba, current HEAD, and W95 is due
to an error in smbd/password.c. In function smb_password_ok() there is
a piece of code:

  if (lp_server_ntlmv2() == False)
  {
    DEBUG(...);
    return False;
  }

The NT MD4 password check is done before this and the LM MD4 password
check is performed after this.

What this code does is that if your samba is not configured as a ntlm2
server (this is the default), LM MD4 passwords will not be checked.
Since these are what W95 sends, it breaks. This should probably be
removed or changed either to:

  if (lp_server_ntlmv2() == True)
or
  /* something related to the negotiated protocol,   */
  /* I don't know enough about this to write a patch */
  /* if this is the case */

This would allow older systems than ntlm2 to continue to use LM MD4
passwords and (possibly, if the code is kept) prevent them in newer
systems.

What I am unclear about is whether ntlm2 is actually a protocol level
negotiated between the client and the server or something that we
either are or aren't and everyone else will have to adjust to (which
they won't?). Looking at the code today the latter seems to be the
case, but I believe we will have huge integration issues between newer
and older software if that is our path (so I hope I'm just
misunderstanding something).

Best regards
  Michael Stockman
  pgmtekn-micke at algonet.se





More information about the samba-ntdom mailing list