Bug 6492 - access smbd (with encrypt passwords off) using WindowsNT4 fails
access smbd (with encrypt passwords off) using WindowsNT4 fails
Status: REOPENED
Product: Samba 3.3
Classification: Unclassified
Component: File services
unspecified
All Linux
: P3 normal
: ---
Assigned To: Volker Lendecke
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-06-22 08:01 UTC by Lutz Mark
Modified: 2016-10-25 20:21 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Lutz Mark 2009-06-22 08:01:43 UTC
Accessing smbd using WinNT4 client and plain text passwords
fails. The log.smbd file says:
unix authentication for user [.] FAILED with error NT_STATUS_WRONG_PASSWORD

Server: CentOS 5.3, Samba 3.3.5 (also samba 3.0.33)
  smb.conf: encrypt passwords = no; passdb backend = smbpasswd

Client: WinNT4.0 (Servicepack 4)
  Registry adapted with EnablePlainTextPasswords=1

I had run smbd in a debugger and discovered that my NT-client
sends the password as Unicode-String, but the smbd-server
decodes the string as Ascii.
The following patch of ./source/smbd/sesssetup.c does solve
the problem for my environment:

8<---------------------------------------------------------------

--- sesssetup.c 2009-06-22 14:43:43.000000000 +0200
+++ sesssetup_org.c     2009-06-16 11:52:50.000000000 +0200
@@ -1560,5 +1560,5 @@
                                                        smb_buf(req->inbuf),
                                                        passlen1,
-                                                       STR_TERMINATE|STR_UNICODE);
+                                                       STR_TERMINATE|STR_ASCII);
                        } else {
                                (void)srvstr_pull_talloc(talloc_tos(),

----------------------------------------------------------------->8

Maybe there is another case to consider (!unicode && (passlen2==0)),
then the patch could be:

8<---------------------------------------------------------------

--- sesssetup.c 2009-06-22 14:53:53.000000000 +0200
+++ sesssetup_org.c     2009-06-16 11:52:50.000000000 +0200
@@ -1553,13 +1553,4 @@
 
                        if (unic && (passlen2 == 0) && passlen1) {
-                               /* Only an unicode plaintext password was sent. */
-                               (void)srvstr_pull_talloc(talloc_tos(),
-                                                       req->inbuf,
-                                                       req->flags2,
-                                                       &pass,
-                                                       smb_buf(req->inbuf),
-                                                       passlen1,
-                                                       STR_TERMINATE|STR_UNICODE);
-                       } else if ( (passlen2 == 0) && passlen1) {
                                /* Only a ascii plaintext password was sent. */
                                (void)srvstr_pull_talloc(talloc_tos(),
Comment 1 Volker Lendecke 2009-07-15 09:32:29 UTC
Really closing this time :-)
Comment 2 Volker Lendecke 2009-07-15 09:33:28 UTC
Sorry, accidentially closed this one.