Patch NTLMv2 hash, samba-3.0.2a
Andrew Bartlett
abartlet at samba.org
Sat Mar 27 07:56:24 GMT 2004
On Fri, 2004-03-19 at 04:33, Jianliang Lu wrote:
> On Thu Mar 18 11:55:09 GMT 2004, Andrew Bartlett wrote:
>
> > Given the range of clients out there, I suspect we can't quite do that.
> > But I can do better. We already test for multiple different variants on
> > the NTLMv2 hash, so I'll just add yet another boolean parameter...
> >
> > The problem is, the Spec says otherwise, and we have clients that supply
> > NTLMv2 via things other than NTLMSSP.
> >
> > We need to test what Win2k accepts, but we have found that Win2k and NT4
> > are rather bad at NTLMv2. See, nobody uses it, and MS gets it wrong
> > even more then we do (we have workarounds for MS client bugs that even
> > their own servers do not have!)
> >
> > I've not even compiled the attached patch, but this is how I want to
> > deal with this. On the client side, we will need to try and proceed
> > while breaking as few compatibility scenarios as possible...
> >
> > Thanks for chasing this down!
> >
> > Andrew Bartlett
>
> I've made some small adjustments to your patch in ntlm_check.c, because also
> the LMv2 check call the "smb_pwd_check_ntlmv2". The smbencrypt.c is ok. I've
> tested the patch for both NT and XP, it worked. I'll test it also for W2K.
> Fixed patch is attached.
I've applied this patch to CVS.
Thanks!
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20040327/7925b532/attachment.bin
More information about the samba-technical
mailing list