[Samba] Clear text authentication impossible???

[Beschorner Daniel]

So I'm only the 2nd winner with this bug :-)

Thank you, it works! (got to move the definition of pwhash[16] one line
higher in the patch to compile)

Daniel

-----Ursprüngliche Nachricht-----
Von: Andrew Bartlett [mailto:abartlet at samba.org]
Gesendet: Donnerstag, 23. Oktober 2003 00:51
An: Jeremy Allison
Cc: Beschorner Daniel; 'samba at lists.samba.org'
Betreff: Re: [Samba] Clear text authentication impossible???


On Thu, 2003-10-23 at 05:16, Jeremy Allison wrote:
> On Wed, Oct 22, 2003 at 03:27:31PM +0200, Beschorner Daniel wrote:
> > We have an Exchange 5.5 server in our Samba 3 domain und want to have
POP3
> > access with clear text authentication from clients.
> > But no kind of credentials is accepted.
> > 
> > It did a level 10 log on the Samba server and found my clear text
password
> > in the log (in nt_chal_resp and lm_chal_resp fields) during
authentication.
> > 
> > Is it possible that Samba can't handle the clear-text pass-through from
> > POP3-Client per Exchange server and takes it for NTLMv2 challenge????
> 
> Can you post the debug level 10 log please (obfuscate all passwords of
course :-).

I picked this one up at the end of last week.   I never got it into CVS,
because I didn't have the setup to test it.  (And I wanted to clean it
up a bit, we should also handle the 'interactive' login in a similar
way, and possibly 'ascii' passwords against the LM hash).

Thanks to Fabien Chevalier for providing the information that made
fixing this so easy.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net