REPOST: sesssetup.c, encrypted passwords and unicode
Nir Soffer
nirs at exanet.com
Tue Apr 8 08:39:01 GMT 2003
> -----Original Message-----
> From: Christopher R. Hertel [mailto:crh at ubiqx.mn.org]
> Sent: Monday, April 07, 2003 9:33 PM
> To: Nir Soffer
> Cc: samba-technical at lists.samba.org
> Subject: Re: REPOST: sesssetup.c, encrypted passwords and unicode
>
>
> Nir,
>
> I am rushing to get my book finished, but I plan on spending some time
> with the rest of the Team next week and will show them what I have found
> with regard to this issue.
>
> Again, I do not believe that Windows servers offer the plaintext/Unicode
> combination. This is something that only Samba servers (as far as I know)
> can handle. To make this work, we need to see how Windows clients react
> to it and do our best to compensate.
I managed to get it to work, as I detailed below. The first problem was the service pack (detailed in the KB article I sent you earlier), and the second problem is sesssetup.c snarfing the wrong password field in that specific codepath...
Nir.
--
Nir Soffer -=- Exanet Inc. -=- http://www.evilpuppy.org
"Father, why are all the children weeping? / They are merely crying son
O, are they merely crying, father? / Yes, true weeping is yet to come"
-- Nick Cave and the Bad Seeds, The Weeping Song
> Chris -)-----
>
> On Mon, Apr 07, 2003 at 08:32:49PM +0300, Nir Soffer wrote:
> >
>
> > (Sorry for reposting, but this still looks like a bug to me, no one
> > acknowledged it or told me I was wrong - and from what I've seen it
> > hasn't been really fixed in 3.0 yet..)
> >
> > Hi there! I've been trying to get Samba 3.0 to use plaintext passwords
> > and unicode for a while now.
> >
> > The first thing I stumbled on was solved, it was a service pack that
> > needed to be applied to w2k. (Thanks!)
> >
> > This is the second thing I stumbled on:
> > In line 613 of sesssetup.c (latest CVS) there is the following code snippet:
> >     } else {
> >         pstring pass;
> >         srvstr_pull(inbuf, pass, smb_buf(inbuf),
> >                     sizeof(pass), passlen1, STR_TERMINATE);
> >         plaintext_password = data_blob(pass, strlen(pass)+1);
> >     }
> >
>
> > From what (limited) understanding I have, passlen1 in this case is the
> > non-unicode password, and passlen2 is the unicode password. The code
> > pulls the wrong passlen, and consequently the wrong password was checked
> > against the database (a password with a length of 0).
> >
> > Changing the code to use passlen2 basically allowed me to log in, but I'm
> > pretty sure this is not the correct fix (I would think that one should
> > first check if the connection is unicode or not).
> >
> > Just FYI,
> > Thanks :)
> >
> > Nir.
> >
> >
> > --
> > Nir Soffer -=- Exanet Inc. -=- http://www.evilpuppy.org
> > "Father, why are all the children weeping? / They are merely crying son
> > O, are they merely crying, father? / Yes, true weeping is yet to come"
> > -- Nick Cave and the Bad Seeds, The Weeping Song
> >
>
> --
> Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
> jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
> ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
> OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
>
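
Added example, not part of the original thread and not Samba's code: a simplified model of the field selection discussed above, showing the passlen1-only behaviour beside a version that checks the connection's encoding first. The struct, function names and buffer layout (non-Unicode password bytes followed by Unicode password bytes, no alignment padding) are assumptions made for illustration, and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified, hypothetical model of the password part of a session setup
 * request: passlen1 bytes of non-Unicode password, then passlen2 bytes of
 * Unicode password. Alignment padding is ignored (assumption). */
struct pw_fields {
    const uint8_t *buf;  /* start of the password data */
    size_t buf_len;      /* bytes available at buf */
    uint16_t passlen1;   /* non-Unicode password length */
    uint16_t passlen2;   /* Unicode password length */
    int unicode;         /* nonzero when the connection uses Unicode */
};

/* Behaviour described in the post: always read passlen1 bytes. */
size_t pick_passlen1_only(const struct pw_fields *f, const uint8_t **pw)
{
    *pw = f->buf;
    return f->passlen1;
}

/* Check the connection's encoding first, then pick the matching field.
 * Returns 0 on success, -1 if the declared lengths overrun the buffer. */
int pick_by_encoding(const struct pw_fields *f, const uint8_t **pw, size_t *len)
{
    if ((size_t)f->passlen1 + f->passlen2 > f->buf_len)
        return -1;
    *pw  = f->unicode ? f->buf + f->passlen1 : f->buf;
    *len = f->unicode ? f->passlen2 : f->passlen1;
    return 0;
}

/* Constructed sample: "pwd" plus terminator in UTF-16LE, no non-Unicode field. */
static const uint8_t sample[] = { 'p', 0, 'w', 0, 'd', 0, 0, 0 };

int main(void)
{
    struct pw_fields f = { sample, sizeof(sample), 0, 8, 1 };
    const uint8_t *pw;
    size_t len = 0;

    printf("passlen1 only: %zu bytes\n", pick_passlen1_only(&f, &pw));
    if (pick_by_encoding(&f, &pw, &len) == 0)
        printf("by encoding:   %zu bytes\n", len);
    return 0;
}
```

With the constructed request, the passlen1-only path yields a zero-length password, which is the value that would then be compared against the stored credential.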