Luke Kenneth Casson Leighton lkcl at
Wed Jan 27 19:28:20 GMT 1999

there is a bug to fix in libsmb/clientgen.c cli_session_setup() it cannot
be used to send cleartext passwords to systems with user level security

are there any objections to fixing this issue by moving the password
encryption routines outside of cli_session_setup() and then replacing the
two remaining call-sets (in client/client.c:do_connect()) and
smbwrapper/smbw.c to cli_session_setup(), cli_tcon_X() etc with calls to

the only issue then is to maintain DEBUG output that
cline/client.c:do_connect() by getting cli_establish_connection() to
generate the same DEBUG output.


More information about the samba-technical mailing list