Issues with cli_session_setup() calling conventions
Gerald (Jerry) Carter
jerry at samba.org
Thu Jan 20 20:41:22 GMT 2005
Andrew Bartlett wrote:
| Jerry,
|
| It has been pointed out to me that there are a
| number of problems with the current code for
| cli_session_setup(). Now, the problems are not
| new, but it has recently come up that certain
| security=server setups break it, where the client
| doesn't supply an LM response. (This came up
| via the cifs-vfs lists).
|
| The problems revolve around the fact that the value
| of passlen is a very poor indicator for everything. It
| is currently length of pass, as expecting it to be
| either an LM response (==24), strlen(pass) or strlen
| (pass)+1:
|
| The bug is that in cli_session_setup_nt1():
|
| if (passlen == 0) {
| /* do nothing - guest login */
| } else if (passlen != 24) {
|
| is bogus - the guest login case is already handled in
| cli_session_setup (), and a plaintext password (that
| we should encrypt at this point) of length 24 is
| mishandled. If the LM password is not supplied, then
| passlen==0, and bad things happen.
|
| There should only be one place in Samba3 that needs
| to specify the pre-encrypted NT and LM responses,
| and that is the security=server code.
|
| But the rest of the code now 'handles' the bloated interface,
| as a grep on cli_session_setup() shows. This all leaves
| me a little uneasy going out to 'fix' it.
|
| In any case, this is only an issue in security=server,
| which probably explains why nobody noticed in the past.
Andrew,
So what exactly is your proposal? Not sure I follow you.
I understand the problem but am not sure what you are asking
me (or you) to do. I get the feeling that this is one of
those bugs we have that may cost more to fix than it is worth.
Is there a thread URL you can point me to to get caught up
on the discussion?
cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back." Ethan Hawk in Gattaca
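Added example, not part of the original message and not Samba source: a C model of the length-only dispatch quoted above, next to an alternative where the caller states what the buffer holds. All names (cred_kind, classify_by_len, classify_tagged, SAMPLE_PW) are hypothetical, and the sample password is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout; this models the quoted logic only. */
enum cred_kind { CRED_GUEST, CRED_PLAINTEXT, CRED_LM_RESPONSE };

/* Constructed sample: a plaintext password that happens to be 24 chars. */
static const char SAMPLE_PW[] = "correct-horse-battery-24";

/* Length-only dispatch in the shape of the quoted snippet:
 * 0 -> guest branch, != 24 -> plaintext to encrypt, 24 -> assumed response. */
enum cred_kind classify_by_len(size_t passlen)
{
    if (passlen == 0)
        return CRED_GUEST;
    if (passlen != 24)
        return CRED_PLAINTEXT;
    return CRED_LM_RESPONSE;
}

/* Alternative: the credential carries an explicit kind, so length is
 * only validated against it and never used to guess the type. */
struct cred {
    enum cred_kind kind;
    const unsigned char *data;
    size_t len;
};

/* Returns 0 and sets *out on success, -1 if kind and buffer disagree. */
int classify_tagged(const struct cred *c, enum cred_kind *out)
{
    if (c->kind == CRED_LM_RESPONSE && (c->data == NULL || c->len != 24))
        return -1;              /* a pre-encrypted response is 24 bytes */
    if (c->kind == CRED_PLAINTEXT && c->data == NULL)
        return -1;
    *out = c->kind;
    return 0;
}

int main(void)
{
    struct cred c = { CRED_PLAINTEXT, (const unsigned char *)SAMPLE_PW,
                      strlen(SAMPLE_PW) };
    enum cred_kind k = CRED_GUEST;
    int rc = classify_tagged(&c, &k);
    printf("by length: %d, tagged: rc=%d kind=%d\n",
           classify_by_len(strlen(SAMPLE_PW)), rc, k);
    return rc;
}
```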