REPOST: sesssetup.c, encrypted passwords and unicode

Christopher R. Hertel crh at ubiqx.mn.org
Wed Apr 30 18:17:10 GMT 2003 

On Wed, Apr 30, 2003 at 11:04:28AM -0700, Richard Sharpe wrote:
> On Wed, 30 Apr 2003, Nir Soffer wrote:
> 
> > 
> > Hi again! :)
> > 
> > Long story short - unicode plaintext passwords don't work (not in latest 
> > CVS either). Tracked down to a small piece of code in sesssetup.c 
> > (detailed below) which snarfs the wrong passlen from the incoming packet 
> > and as a result thinks the password is NULL.
> > 
> > I fixed it in my local copy, and windows2k works with it just fine, 
> > however, this unsurprisingly breaks Windows'98 rather unforgivably.
> > 
> > I was wondering how in the context of sesssetup.c in 
> > reply_sesssetup_and_X I can figure out if the connection has unicode 
> > strings or not, as I need to know this to switch between passlen1 and 
> > passlen2. I couldn't find anything in the connection structure...
> 
> Hmmm, the flags or flags2 field of the SMB header contains a bit stating 
> whether or not UNICODE is in use. Can't you use that?

No, we want to be able to negotiate Unicode even if we've got plaintext
passwords enabled.  This is simply a cleanup that we need to do.  As far
as I know, Samba is the only server system that can offer Unicode and 
Plaintext together.  Windows clients respond (though there are some 
oddities) and we just need to make sure we handle the response correctly.  

Smbclient should also be tested to ensure that it responds correctly (last 
time I checked, it didn't).

I was going to work this out with folks at SambaXP but there just wasn't 
time.

I have captures, but it's very easy to set this up.  Just enable plaintext 
passwords in Samba3.0 and then try to connect using various Windows 
flavors.

Chris -)-----

-- 
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

More information about the samba-technical mailing list