Bug 1571 - LANMAN2 protocol (and lower) broken in samba-3.x
LANMAN2 protocol (and lower) broken in samba-3.x
Product: Samba 3.0
Classification: Unclassified
Component: libsmbclient
All All
: P3 critical
: none
Assigned To: Samba Bugzilla Account
Samba QA Contact
Depends on:
  Show dependency treegraph
Reported: 2004-07-29 20:36 UTC by Guenter Kukkukk
Modified: 2005-08-24 10:18 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Guenter Kukkukk 2004-07-29 20:36:59 UTC
BTW - changed from samba-2.x (SUSE 8.1) to samba-3.0.5 (SUSE 9.1)
    From now on *any* connection to our (ancient) OS/2 Warpserver failed:
    "session setup failed: ERRDOS - ERRnoaccess (Access denied.)"

   It seems, that *all* LANMAN2 depending implementations are *broken*..

To easily reproduce this error on a LINUX-machine - no need for a network
connection - use (add) the following entries in smb.conf:
   interfaces = eth0
   security = user
   protocol = LANMAN2             #!!!!
   max protocol = LANMAN2         #!!!!
   encrypt passwords = yes        #(= no, not evaluated now...)

The following local executed command will fail:
   smbclient //my_linux_machine/my_share -U my_user_id%my_password

This happens due to a *serious* error in
      function cli_session_setup_lanman2()
           p = smb_buf(cli->outbuf);
           memcpy(p,lm_response.data,lm_response.length; // copy (encrypted) pw
           p += passlen;      !!!!! WHY  !!!

           Should/Must be replaced with:
           p += lm_response.length;  !!!!!!!!!!!!

In the current implementation the stored 24 bytes of (encrypted) data is
partially *overwritten* by the later following data - which leads to an ERROR.

I have currently *not* checked "the whole samba-source" for similar problems...

I have checked-out the latest samba-source - compiled it - the
error *is gone*!!!

If any support/testing of "older smb-protocols" could be done - please let me 

Best wishes.

Guenter Kukkukk

Entwicklungsbuero fuer Informationstechnologien
Damaschkestr. 24
D-10711 Berlin
Comment 1 Guenter Kukkukk 2004-07-29 21:12:57 UTC
Sorry - if it was misleading...
The original source has currently not been fixed.
  Download the latest source
  *Change the source* and compile/install it
Comment 2 Andrew Bartlett 2004-07-30 04:13:43 UTC
Fixed in SVN.
Comment 3 Gerald (Jerry) Carter 2005-08-24 10:18:34 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.