Issues with cli_session_setup() calling conventions

Gerald (Jerry) Carter jerry at samba.org
Thu Jan 20 20:41:22 GMT 2005


Andrew Bartlett wrote:
| Jerry,
|
| It has been pointed out to me that there are a
| number of problems with the current code for
| cli_session_setup().  Now, the problems are not
| new, but it has recently come up that certain
| security=server setups break it, where the client
| doesn't supply an LM response.  (This came up
| via the cifs-vfs lists).
|
| The problems revolve around the fact that the value
| of passlen is a very poor indicator for everything.  It
| is currently length of pass, as expecting it to be
| either an LM response (==24), strlen(pass) or strlen
| (pass)+1:
|
| The bug is that in cli_session_setup_nt1():
|
| 	if (passlen == 0) {
| 		/* do nothing - guest login */
| 	} else if (passlen != 24) {
|
| is bogus - the guest login case is already handled in
| cli_session_setup (), and a plaintext password (that
| we should encrypt at this point) of length 24 is
| mishandled.  If the LM password is not supplied, then
| passlen==0, and bad things happen.
|
| There should only be one place in Samba3 that needs
| to specify the pre-encrypted NT and LM responses,
| and that is the security=server code.
|
| But the rest of the code now 'handles' the bloated interface,
| as a grep on cli_session_setup() shows.  This all leaves
| me a little uneasy going out to 'fix' it.
|
| In any case, this is only an issue in security=server,
| which probably explains why nobody noticed in the past.

Andrew,

So what exactly is your proposal?  Not sure I follow you.
I understand the problem but am not sure what you are asking
me (or you) to do.  I get the feeling that this is one of
those bugs we have that may cost more to fix than it is worth.

Is there a thread URL you can point me to to get caught up
on the discussion?





cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back."     Ethan Hawk in Gattaca
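
An added example, not part of the original message and not Samba code: a small model of the length-only test quoted above, next to an interface where the caller declares what it is passing. All names (`cred_kind`, `infer_from_len`, `struct cred`, `cred_validate`) are hypothetical, and the rule that the response case needs a non-empty NT response is an assumption made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names for illustration; none of this is Samba's API. */
enum cred_kind { CRED_GUEST, CRED_PLAINTEXT, CRED_RESPONSE };

/* Model of the quoted length-only test: meaning is guessed from passlen alone. */
enum cred_kind infer_from_len(size_t passlen)
{
    if (passlen == 0)
        return CRED_GUEST;      /* also hit when only the LM response is absent */
    if (passlen != 24)
        return CRED_PLAINTEXT;
    return CRED_RESPONSE;       /* also hit by a 24-character plaintext password */
}

/* Alternative: the caller states what it is passing. */
struct cred {
    enum cred_kind kind;
    const char *plaintext;                      /* CRED_PLAINTEXT only */
    const unsigned char *lm; size_t lm_len;     /* optional, 24 bytes if present */
    const unsigned char *nt; size_t nt_len;     /* CRED_RESPONSE only (assumed required) */
};

/* Returns 0 when the fields are consistent with the declared kind, -1 otherwise. */
int cred_validate(const struct cred *c)
{
    switch (c->kind) {
    case CRED_GUEST: return 0;
    case CRED_PLAINTEXT:
        return c->plaintext != NULL ? 0 : -1;   /* any length, 24 included */
    case CRED_RESPONSE:
        if (c->nt == NULL || c->nt_len == 0)
            return -1;
        if (c->lm_len != 0 && (c->lm == NULL || c->lm_len != 24))
            return -1;                          /* LM may be absent, never malformed */
        return 0;
    }
    return -1;
}

int main(void)
{
    const char *pw = "abcdefghijklmnopqrstuvwx";   /* constructed 24-char plaintext */
    printf("24-char plaintext -> kind %d\n", infer_from_len(strlen(pw)));
    printf("no LM response    -> kind %d\n", infer_from_len(0));
    return 0;
}
```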

