Bug 13301 - libsmbclient tree connect with Username and without password access to Windows server fails in samba-4.7.4
libsmbclient tree connect with Username and without password access to Window...
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: libsmbclient
All All
: P5 normal
: ---
Assigned To: Samba QA Contact
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2018-02-26 13:20 UTC by shivappa
Modified: 2018-02-28 08:56 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description shivappa 2018-02-26 13:20:55 UTC
Accessing Windows without password from libsmbclient fails.
"SPNEGO login failed: The attempted logon is invalid. This is either due to 
a bad username or authentication information."

This happens with libsmbclient but not with smbclient command.
When checked only difference is set_cmdline_auth_info_password(*) function is not called in smbclient command flow.

When empty password is passed it will set to NULL as in below code in case of libsmbclient.
void set_cmdline_auth_info_password(struct user_auth_info *auth_info,
                    const char *password)
    bool ok;

    auth_info->got_pass = true;

**** Is below mandatory. ???? This is not set when smbclient command is used
(smbclient \\ip\share -Uuser% -d5)

    if (password != NULL && strlen(password) == 0) {
        password = NULL;
    ok = cli_credentials_set_password(auth_info->creds,
    if (!ok) {

When SessionSetup Request is filled with credentials: WORKGROUP\username, below values are set to empty in packets.
NTLM Response: empty
Lan Manager Response: empty
In what all cases Response is set to empty ????

Before version of samba is fine(samba-4.4.x).

Can anybody help to resolve the issue.
Comment 1 shivappa 2018-02-28 08:56:55 UTC
I have added below patch it is working fine for empty password case too.

When empty password is set then cli_credentials_set_password() is not called. So for empty password, CRED_UNINITIALISED is set instead of CRED_SPECIFIED and inturn NTLM Response and Lan Manager Response were set empty.

--- b/source3/libsmb/cliconnect.c       2018-02-28 14:16:14.367639075 +0530
+++ a/source3/libsmb/cliconnect.c       2018-02-28 14:16:28.033759403 +0530
@@ -184,7 +184,7 @@ struct cli_credentials *cli_session_cred

-       if (password != NULL && strlen(password) > 0) {
+//     if (password != NULL && strlen(password) > 0) {
                if (password_is_nt_hash) {
                        struct samr_Password nt_hash;
                        size_t converted;
@@ -211,7 +211,7 @@ struct cli_credentials *cli_session_cred
                                goto fail;
-       }
+//     }

        return creds;

Is there any reason for not calling cli_credentials_set_password() for empty password???