FWD: Some compilation warnings

Gerald Carter gcarter at valinux.com
Wed Jun 20 15:28:03 GMT 2001

On Wed, 20 Jun 2001, Luke Kenneth Casson Leighton wrote:

> hiya jerry, good to hear from you.

:-)  You doing ok?

> unrecognised opcodes are already fault-pdu'd, that's how
> ms managed to upgrade to LsaOpenPolicy3 and still
> maintain backwards-compatibility.

But it was not an unrecognized opcode.  It was a known command
with an unknown info level :)

> this is likely to be related not to the info level but to
> a newly-negotiated security 'blob' on the samr_get_user_info().

Could be.  But an NT 4 PDC doesn't support the

> anyway, if the sam_user_get_info() or sam_user_set_info()
> contains 'incorrect' info for the encryption / decryption
> of the user passwords, then you are expected to return
> a 'fault' pdu.
> seems perfectly reasonable to me.

I just don't see the logic for an invalid info level though.

> i presume that MS use this to detect 'ah ha!  this server
> doesn't support my new spiffy-diffy more secure user-password
> encryption, i'll revert to the old insecure method that
> we know and love and allows an attacker to decode all
> my passwords as if they were clear-text in the first place'.
> so, basically, try decoding the user-password.  if it comes
> out as garbage, or the length is not 516 bytes in 0x17 and
> 0x18 info levels, and not exactly... urrr... 16 bytes
> [each, for LM and NT] in 0x12 info level, then return a
> Fault PDU.

Again...these are valid points.  Need to look at it again
once I get a chance.

cheers, jerry
   /\  Gerald (Jerry) Carter                     Professional Services
 \/    http://www.valinux.com/  VA Linux Systems   gcarter at valinux.com
       http://www.samba.org/       SAMBA Team          jerry at samba.org
       http://www.plainjoe.org/                     jerry at plainjoe.org

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )

More information about the samba-technical mailing list