Plaintext passwords simply don't work when security=user and windows 2k is the client. I marked this as critical since this WILL break installations that simply want to use their NIS database as a password repository without bothering with smbpasswd. I'm sure many installations do that. And a great many thanks to CRH for helping me out here. the first problem is thus: W2K clients don't handle unicode passwords very well in plaintext - see: http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B257292 After applying the service pack, the second problem is thus - in smbd/sesssetup. c: if (doencrypt) { lm_resp = data_blob(p, passlen1); nt_resp = data_blob(p+passlen1, passlen2); } else { pstring pass; srvstr_pull(inbuf, pass, smb_buf(inbuf), sizeof(pass), passlen1, STR_TERMINATE); plaintext_password = data_blob(pass, strlen(pass)+1); } As you can see, the code snarfs passlen1 regardless of unicode or ascii negotiations. My new code works - and it looks like so: if (doencrypt) { lm_resp = data_blob(p, passlen1); nt_resp = data_blob(p+passlen1, passlen2); } else { pstring pass; BOOL unic; unic=SVAL(inbuf, smb_flg2) & FLAGS2_UNICODE_STRINGS; srvstr_pull(inbuf, pass, smb_buf(inbuf), sizeof(pass), unic ? passlen2 : passlen1, STR_TERMINATE); plaintext_password = data_blob(pass, strlen(pass)+1); } Only problem with that is if both ASCII and unicode passwords are sent. Feel free to contact me at any time. For reference, this is bug #2129 in our database.
Created attachment 5 [details] Check if unicode was negotiated and use respective passlen
patch looks ok. Had to fix cli_session_setup_plaintext() to send the unicode password if CAP_UNICODE was included in the capabilities.
originally reported against 3.0alpha23. Bugzilla spring cleaning.
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.
database cleanup