Patch NTLMv2 hash, samba-3.0.2a

Andrew Bartlett abartlet at
Sat Mar 27 07:56:24 GMT 2004

On Fri, 2004-03-19 at 04:33, Jianliang Lu wrote:
> On Thu Mar 18 11:55:09 GMT 2004, Andrew Bartlett wrote:
> > Given the range of clients out there, I suspect we can't quite do that. 
> > But I can do better.  We already test for multiple different variants on
> > the NTLMv2 hash, so I'll just add yet another boolean parameter...
> > 
> > The problem is, the Spec says otherwise, and we have clients that supply
> > NTLMv2 via things other than NTLMSSP.  
> > 
> > We need to test what Win2k accepts, but we have found that Win2k and NT4
> > are rather bad at NTLMv2.  See, nobody uses it, and MS gets it wrong
> > even more then we do (we have workarounds for MS client bugs that even
> > their own servers do not have!)
> > 
> > I've not even compiled the attached patch, but this is how I want to
> > deal with this.  On the client side, we will need to try and proceed
> > while breaking as few compatibility scenarios as possible...
> > 
> > Thanks for chasing this down!
> > 
> > Andrew Bartlett
> I've made some small adjustments to your patch in ntlm_check.c, because also 
> the LMv2 check call the "smb_pwd_check_ntlmv2". The smbencrypt.c is ok. I've 
> tested the patch for both NT and XP, it worked. I'll test it also for W2K. 
> Fixed patch is attached.

I've applied this patch to CVS.


Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list