REPOST: sesssetup.c, encrypted passwords and unicode

Nir Soffer nirs at exanet.com
Tue Apr 8 08:39:01 GMT 2003


> -----Original Message-----
> From: Christopher R. Hertel [mailto:crh at ubiqx.mn.org]
> Sent: Monday, April 07, 2003 9:33 PM
> To: Nir Soffer
> Cc: samba-technical at lists.samba.org
> Subject: Re: REPOST: sesssetup.c, encrypted passwords and unicode
> 
> 
> Nir,
> 
> I am rushing to get my book finished, but I plan on spending some time
> with the rest of the Team next week and will show them what I have found
> with regard to this issue.
> 
> Again, I do not believe that Windows servers offer the plaintext/Unicode
> combination.  This is something that only Samba servers (as far as I know)
> can handle.  To make this work, we need to see how Windows clients react
> to it and do our best to compensate.

I managed to get it to work, as I detailed below. The first problem was the service pack (detailed in the KB article I sent you earlier), and the second problem is sesssetup.c snarfing the wrong password field in that specific codepath...

Nir.



--
Nir Soffer -=- Exanet Inc. -=- http://www.evilpuppy.org
"Father, why are all the children weeping? / They are merely crying son
 O, are they merely crying, father? / Yes, true weeping is yet to come"
        -- Nick Cave and the Bad Seeds, The Weeping Song
 
 
> Chris -)-----
> 
> On Mon, Apr 07, 2003 at 08:32:49PM +0300, Nir Soffer wrote:
> > 
> > (Sorry for reposting, but this still looks like a bug to me, no one
> > acknowledged it or told me I was wrong - and from what I've seen it 
> > hasn't been really fixed in 3.0 yet..)
> > 
> > Hi there! I've been trying to get Samba 3.0 to use plaintext passwords
> > and unicode for a while now.
> > 
> > The first thing I stumbled on was solved, it was a service pack that
> > needed to be applied to w2k. (Thanks!)
> > 
> > This is the second thing I stumbled on:
> > In line 613 of sesssetup.c (latest CVS) there is the following code snippet:
> >                 } else {
> >                         pstring pass;
> >                         srvstr_pull(inbuf, pass, smb_buf(inbuf),
> >                                     sizeof(pass), passlen1, STR_TERMINATE);
> >                         plaintext_password = data_blob(pass, strlen(pass)+1);
> >                 }
> > 
> > From what (limited) understanding I have, passlen1 in this case is the 
> > non-unicode password, and passlen2 is the unicode password. The code 
> > pulls the wrong passlen, and consequently the wrong password was checked
> > against the database (a password with a length of 0).
> > 
> > Changing the code to use passlen2 basically allowed me to login, but I'm
> > pretty sure this is not the correct fix (I would think that one should
> > first check if the connection is unicode or not).
> > 
> > Just FYI,
> > Thanks :)
> > 
> > Nir.
> > 
> > 
> > --
> > Nir Soffer -=- Exanet Inc. -=- http://www.evilpuppy.org
> > "Father, why are all the children weeping? / They are merely crying son
> >  O, are they merely crying, father? / Yes, true weeping is yet to come"
> >         -- Nick Cave and the Bad Seeds, The Weeping Song
> >  
> 
> -- 
> Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
> jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
> ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
> OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org
> 
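
Added example, not part of the original thread and not Samba's code: a sketch of the check suggested in the quoted report, deciding by whether the connection is Unicode before picking passlen1 or passlen2. The function name, the sample buffers, and the layout (the passlen2 field directly following the passlen1 field in the data area) are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names; assumed layout of the session setup data area:
 * passlen1 bytes of non-Unicode password, then passlen2 bytes of
 * Unicode password. */

/* Constructed sample: Unicode client, passlen1 = 0, passlen2 = 8
 * ("abc" as UTF-16LE plus a two-byte terminator). */
const uint8_t sample_unicode[] = { 'a',0, 'b',0, 'c',0, 0,0 };
/* Constructed sample: non-Unicode client, passlen1 = 4, passlen2 = 0. */
const uint8_t sample_ascii[] = { 'a','b','c',0 };

/* Returns the length of the selected password field and points *field
 * at it, or returns -1 when the request must be rejected. */
long select_plaintext_field(const uint8_t *data, size_t data_len,
                            uint16_t passlen1, uint16_t passlen2,
                            int unicode, const uint8_t **field)
{
    /* Pick the field that matches the negotiated string encoding. */
    size_t off = unicode ? passlen1 : 0;
    size_t len = unicode ? passlen2 : passlen1;

    /* Both client-declared lengths must fit inside the received data. */
    if ((size_t)passlen1 + (size_t)passlen2 > data_len)
        return -1;
    /* Design choice of this example: an empty selected field is a
     * parse failure, never a zero-length password to verify. */
    if (len == 0)
        return -1;

    *field = data + off;
    return (long)len;
}

int main(void)
{
    const uint8_t *f = NULL;
    /* Unicode connection, field chosen by the Unicode flag. */
    printf("by flag:  %ld\n", select_plaintext_field(
        sample_unicode, sizeof sample_unicode, 0, 8, 1, &f));
    /* Same request read through passlen1, as in the quoted snippet. */
    printf("passlen1: %ld\n", select_plaintext_field(
        sample_unicode, sizeof sample_unicode, 0, 8, 0, &f));
    return 0;
}
```

The second call reproduces the symptom from the report: reading a Unicode client's request through passlen1 yields a zero-length field, which this sketch rejects instead of passing on for verification.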

