OemDomainName in Negotiate Protocol Repsonse

Michael B. Allen miallen at eskimo.com
Fri Jul 19 12:31:02 GMT 2002 

On Sat, 20 Jul 2002 04:12:06 +0930 (CST)
Richard Sharpe <rsharpe at ns.aus.com> wrote:

> On Fri, 19 Jul 2002, Raghu Iyer wrote:
> 
> > I have attached a packet trace between two NT4.0 machines
> > that shows a NegProt Response (packet #7) where the flags2 bit
> > does not say Unicode, yet the oemdomainname field is in UNICODE.
> > Additional packets are included to show the machine identity.
> 
> Can you elaborate on what you think the problem is? In my traces, Samba 
> responds in UNICODE. 
> 
> So if Samba does the same as Windows NT/2K, where's the problem?

But it doesn't. Samba does the "right" thing and returns OemDomainName
in ASCII when a client asks for it in ASCII. NT returns it in Unicode
regardless of what you ask for. See attached pcap of client asking NT
for ASCII and getting only OemDomainName in Unicode.

Jul 19 15:06:00.290 - smb received
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=true,errorCode=0x00000000,flags=0x0098,flags2=0x0001,tid=0,pid=26455,uid=0,mid=1,wordCount=17,byteCount=22,wordCount=17,dialectIndex=0,securityMode=0x3,security=user,encryptedPasswords=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=4356,maxRawSize=65536,sessionKey=0x00000000,capabilities=0x000043FD,serverTime=Fri Jul 19 15:12:15 EDT 2002,serverTimeZone=240,encryptionKeyLength=8,byteCount=22,encryptionKey=0x2F62F45892789E70,oemDomainName=F]

Jul 19 15:06:00.294 - smb received
00000: FF 53 4D 42 72 00 00 00 00 98 01 00 00 00 00 00  |ÿSMBr...........|
00010: 00 00 00 00 00 00 00 00 00 00 57 67 00 00 01 00  |..........Wg....|
00020: 11 00 00 03 32 00 01 00 04 11 00 00 00 00 01 00  |....2...........|
00030: 00 00 00 00 FD 43 00 00 F0 17 6A 31 58 2F C2 01  |....ýC..ð.j1X/Â.|
00040: F0 00 08 16 00 2F 62 F4 58 92 78 9E 70 46 00 4F  |ð..../bôX.x.pF.O|
00050: 00 4F 00 4E 00 45 00 54 00 00 00                 |.O.N.E.T...     |

Here's another similar issue:

  http://discuss.microsoft.com/SCRIPTS/WA-MSD.EXE?A1=ind0104e&L=cifs

Samba and Win98 return ASCII ShortNames in
SMB_FIND_FILE_BOTH_DIRECTORY_INFO when NT and "The Spec" (4.3.4.6 on
SMB_FIND_FILE_BOTH_DIRECTORY_INFO) says these are always Unicode. Here
are two TRANS2_FIND_FIRST2/NEXT2 responses with
Unicode off:

NT:

Jul 19 15:25:55.325 - ShortName[3]
00000: 53 00 50 00 52 00 49 00 4E 00 47 00 7E 00 31 00  |S.P.R.I.N.G.~.1.|
00010: 2E 00 45 00 58 00 45 00                          |..E.X.E.        |

Jul 19 15:25:55.325 - Trans2FindFirst2/Next2Response debugging
bufferIndex=322,lastNameBufferIndex=674,nextEntryOffet=450,shortName=SPRING~1.EXE,shortNameLength=24
Jul 19 15:25:55.325 - ShortName[4]
00000: 50 00 41 00 4C 00 4D 00 44 00 53 00 7E 00 31 00  |P.A.L.M.D.S.~.1.|
00010: 2E 00 5A 00 49 00 50 00                          |..Z.I.P.        |

Jul 19 15:25:55.325 - Trans2FindFirst2/Next2Response debugging
bufferIndex=450,lastNameBufferIndex=674,nextEntryOffet=570,shortName=PALMDS~1.ZIP,shortNameLength=24
Jul 19 15:25:55.326 - Trans2FindFirst2/Next2Response debugging
bufferIndex=570,lastNameBufferIndex=674,nextEntryOffet=674,shortName=,shortNameLength=0
Jul 19 15:25:55.326 - ShortName[6]
00000: 42 00 41 00 53 00 41 00 4C 00 54 00 7E 00 31 00  |B.A.S.A.L.T.~.1.|
00010: 2E 00 43 00                                      |..C.            |

Samba:

Jul 19 15:26:53.991 - ShortName[0]
00000: 4E 4F 54 49 43 7E 4B 25 2E 50 44 46              |NOTIC~K%.PDF    |

Jul 19 15:26:53.992 - Trans2FindFirst2/Next2Response debugging
bufferIndex=10,lastNameBufferIndex=482,nextEntryOffet=134,shortName=NOTIC~K%.PDF,shortNameLength=12
Jul 19 15:26:53.993 - ShortName[1]
00000: 54 4D 50 4D 53 7E 33 5A 2E 30 38 31              |TMPMS~3Z.081    |

Jul 19 15:26:53.993 - Trans2FindFirst2/Next2Response debugging
bufferIndex=134,lastNameBufferIndex=482,nextEntryOffet=246,shortName=TMPMS~3Z.081,shortNameLength=12
Jul 19 15:26:53.993 - ShortName[2]
00000: 4F 45 4D 44 4F 7E 47 48 2E 50 43 41              |OEMDO~GH.PCA    |

-- 
http://www.eskimo.com/~miallen/c/jus.c

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OemDomainNameUnicode.pcap
Type: application/octet-stream
Size: 12111 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20020719/c01c0326/OemDomainNameUnicode.obj

More information about the samba-technical mailing list