Samba4: Bug in ntlm_auth's ntlmssp-client-1 mode

Kai Blin k.blin at gmx.net
Tue Aug 23 18:16:59 GMT 2005


* Kai Blin <k.blin at gmx.net> [23/08/05, 19:16:39]:
> Hi folks,
> 
> I just stumbled over an error in samba 4's ntlm_auth.
> 
> It roughly looks like this:
> 
> When running it with ntlm_auth --helper-protocol=ntlmssp-client-1
> --password=testpass --domain=NOWHERE --username=$USER
> 
> If lenght of $USER % 3 is 0, ntlm_auth v4 returns the same lenght of
> base64 blob as v3. This seems to be correct.
> 
> If lenght of $USER % 3 is 1, the response is one character short,
> resulting in an invalid base64 blob.
> 
> If lenght of $USER % 3 is 2, the response is one character too long,
> also resulting in an invalid base64 blob.
> 
> This behaviour seems to change in offset if the lenght of the domain
> name changes.

Yes, it looks like if $DOMAIN + $USER % 3 == 1 the length of the base64
blob is ok. 

Hope this helps locating the bug.

Cheers,
Kai

-- 
Kai Blin, private email
The last vestiges of the old Republic have been swept away.
		-- Governor Tarkin


More information about the samba-technical mailing list