OemDomainName in Negotiate Protocol Response

Raghu Iyer riyer at kuokoa.com
Sat Jul 20 04:23:02 GMT 2002


Richard,

Michael is correct - in that Samba does not respond
the same as Windows NT/2K. It responds correctly as
per spec.

And therein lies the issue. I have attached a Samba
trace (packet #19, source m/c ip = 192.168.60.232, Linux)
- and going by the flags2 bit - it is correctly
sending ASCII. And Windows sends UNICODE even if flags2
bit says no-UNICODE. Not knowing whether the Server is
Samba or Windows, the client can misinterpret the
OemDomainName.

Regards,
Raghu

-----Original Message-----
From: Michael B. Allen [mailto:miallen at eskimo.com]
Sent: Saturday, July 20, 2002 1:04 AM
To: Richard Sharpe
Cc: Raghu Iyer; samba-technical at samba.org
Subject: Re: OemDomainName in Negotiate Protocol Response


On Sat, 20 Jul 2002 04:12:06 +0930 (CST)
Richard Sharpe <rsharpe at ns.aus.com> wrote:

> On Fri, 19 Jul 2002, Raghu Iyer wrote:
> 
> > I have attached a packet trace between two NT4.0 machines
> > that shows a NegProt Response (packet #7) where the flags2 bit
> > does not say Unicode, yet the oemdomainname field is in UNICODE.
> > Additional packets are included to show the machine identity.
> 
> Can you elaborate on what you think the problem is? In my traces, Samba
> responds in UNICODE.
> 
> So if Samba does the same as Windows NT/2K, where's the problem?

But it doesn't. Samba does the "right" thing and returns OemDomainName
in ASCII when a client asks for it in ASCII. NT returns it in Unicode
regardless of what you ask for. See attached pcap of client asking NT
for ASCII and getting only OemDomainName in Unicode.

Jul 19 15:06:00.290 - smb received
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=true,errorCode=0x00000000,flags=0x0098,flags2=0x0001,tid=0,pid=26455,uid=0,mid=1,wordCount=17,byteCount=22,wordCount=17,dialectIndex=0,securityMode=0x3,security=user,encryptedPasswords=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=4356,maxRawSize=65536,sessionKey=0x00000000,capabilities=0x000043FD,serverTime=Fri Jul 19 15:12:15 EDT 2002,serverTimeZone=240,encryptionKeyLength=8,byteCount=22,encryptionKey=0x2F62F45892789E70,oemDomainName=F]

Jul 19 15:06:00.294 - smb received
00000: FF 53 4D 42 72 00 00 00 00 98 01 00 00 00 00 00 |ÿSMBr...........|
00010: 00 00 00 00 00 00 00 00 00 00 57 67 00 00 01 00 |..........Wg....|
00020: 11 00 00 03 32 00 01 00 04 11 00 00 00 00 01 00 |....2...........|
00030: 00 00 00 00 FD 43 00 00 F0 17 6A 31 58 2F C2 01 |....ýC..ð.j1X/Â.|
00040: F0 00 08 16 00 2F 62 F4 58 92 78 9E 70 46 00 4F |ð..../bôX.x.pF.O|
00050: 00 4F 00 4E 00 45 00 54 00 00 00                |.O.N.E.T...|

Here's another similar issue:

  http://discuss.microsoft.com/SCRIPTS/WA-MSD.EXE?A1=ind0104e&L=cifs

Samba and Win98 return ASCII ShortNames in
SMB_FIND_FILE_BOTH_DIRECTORY_INFO when NT and "The Spec" (4.3.4.6 on
SMB_FIND_FILE_BOTH_DIRECTORY_INFO) say these are always Unicode. Here
are two TRANS2_FIND_FIRST2/NEXT2 responses with Unicode off:

NT:

Jul 19 15:25:55.325 - ShortName[3]
00000: 53 00 50 00 52 00 49 00 4E 00 47 00 7E 00 31 00 |S.P.R.I.N.G.~.1.|
00010: 2E 00 45 00 58 00 45 00                         |..E.X.E.|

Jul 19 15:25:55.325 - Trans2FindFirst2/Next2Response debugging bufferIndex=322,lastNameBufferIndex=674,nextEntryOffet=450,shortName=SPRING~1.EXE,shortNameLength=24
Jul 19 15:25:55.325 - ShortName[4]
00000: 50 00 41 00 4C 00 4D 00 44 00 53 00 7E 00 31 00 |P.A.L.M.D.S.~.1.|
00010: 2E 00 5A 00 49 00 50 00                         |..Z.I.P.|

Jul 19 15:25:55.325 - Trans2FindFirst2/Next2Response debugging bufferIndex=450,lastNameBufferIndex=674,nextEntryOffet=570,shortName=PALMDS~1.ZIP,shortNameLength=24
Jul 19 15:25:55.326 - Trans2FindFirst2/Next2Response debugging bufferIndex=570,lastNameBufferIndex=674,nextEntryOffet=674,shortName=,shortNameLength=0
Jul 19 15:25:55.326 - ShortName[6]
00000: 42 00 41 00 53 00 41 00 4C 00 54 00 7E 00 31 00 |B.A.S.A.L.T.~.1.|
00010: 2E 00 43 00                                     |..C.|

Samba:

Jul 19 15:26:53.991 - ShortName[0]
00000: 4E 4F 54 49 43 7E 4B 25 2E 50 44 46             |NOTIC~K%.PDF|

Jul 19 15:26:53.992 - Trans2FindFirst2/Next2Response debugging bufferIndex=10,lastNameBufferIndex=482,nextEntryOffet=134,shortName=NOTIC~K%.PDF,shortNameLength=12
Jul 19 15:26:53.993 - ShortName[1]
00000: 54 4D 50 4D 53 7E 33 5A 2E 30 38 31             |TMPMS~3Z.081|

Jul 19 15:26:53.993 - Trans2FindFirst2/Next2Response debugging bufferIndex=134,lastNameBufferIndex=482,nextEntryOffet=246,shortName=TMPMS~3Z.081,shortNameLength=12
Jul 19 15:26:53.993 - ShortName[2]
00000: 4F 45 4D 44 4F 7E 47 48 2E 50 43 41             |OEMDO~GH.PCA|

-- 
http://www.eskimo.com/~miallen/c/jus.c

-------------- next part --------------
A non-text attachment was scrubbed...
Name: DiscLinux.pkt
Type: application/octet-stream
Size: 5264 bytes
Desc: DiscLinux.pkt
Url : http://lists.samba.org/archive/samba-technical/attachments/20020720/d5a2ee73/DiscLinux.obj
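
Added example (not part of the original messages, and not Samba or jCIFS code): a Python parser for the NT negotiate response dumped above, showing why decoding OemDomainName by the flags2 bit alone yields "F", next to a tolerant decoder that recovers the full name. The function names, the use of cp437 as the OEM code page and the "even length ending in a 16-bit NUL" heuristic are assumptions made for this example.

```python
import struct

FLAGS2_UNICODE = 0x8000  # SMB_FLAGS2_UNICODE bit in the header's Flags2 field

# Bytes of the NT negotiate response, copied from the hex dump in the message above.
NT_RESPONSE = bytes.fromhex("""
FF 53 4D 42 72 00 00 00 00 98 01 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 57 67 00 00 01 00
11 00 00 03 32 00 01 00 04 11 00 00 00 00 01 00
00 00 00 00 FD 43 00 00 F0 17 6A 31 58 2F C2 01
F0 00 08 16 00 2F 62 F4 58 92 78 9E 70 46 00 4F
00 4F 00 4E 00 45 00 54 00 00 00
""")

def split_negotiate(msg):
    """Return (flags2, encryption_key, domain_bytes) for a 17-word negotiate response."""
    if len(msg) < 69 or msg[:4] != b"\xffSMB" or msg[4] != 0x72 or msg[32] != 17:
        raise ValueError("not a 17-word SMB_COM_NEGOTIATE response")
    flags2 = struct.unpack_from("<H", msg, 10)[0]
    key_len = msg[66]                        # last parameter byte: encryptionKeyLength
    byte_count = struct.unpack_from("<H", msg, 67)[0]
    data = msg[69:69 + byte_count]
    if len(data) != byte_count or key_len > byte_count:
        raise ValueError("truncated or inconsistent byte block")
    return flags2, data[:key_len], data[key_len:]

def utf16z(raw):
    """Decode a NUL-terminated UTF-16LE string, ignoring a trailing odd byte."""
    return raw[:len(raw) & ~1].decode("utf-16-le", errors="replace").split("\x00", 1)[0]

def decode_by_flags2(flags2, raw):
    """Trust the header: UTF-16LE if the Unicode bit is set, else OEM bytes up to NUL."""
    if flags2 & FLAGS2_UNICODE:
        return utf16z(raw)
    return raw.split(b"\x00", 1)[0].decode("cp437")  # cp437 as OEM code page: assumption

def decode_tolerant(flags2, raw):
    """Heuristic (added here): an even-length block ending in a 16-bit NUL is UTF-16LE."""
    looks_utf16 = len(raw) >= 4 and len(raw) % 2 == 0 and raw.endswith(b"\x00\x00")
    return utf16z(raw) if looks_utf16 else decode_by_flags2(flags2, raw)

if __name__ == "__main__":
    flags2, key, raw = split_negotiate(NT_RESPONSE)
    print(hex(flags2), repr(decode_by_flags2(flags2, raw)), repr(decode_tolerant(flags2, raw)))
```

The heuristic can misread an OEM name that happens to be followed by two NUL bytes, so a client should still prefer the flags2 bit whenever the data does not match the UTF-16 shape.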

