Bug 718 - XP and NT4 Authentication unencrypted passwords
XP and NT4 Authentication unencrypted passwords
Status: RESOLVED DUPLICATE of bug 815
Product: Samba 3.0
Classification: Unclassified
Component: File Services
3.0.0preX
All Solaris
: P3 major
: none
Assigned To: Andrew Bartlett
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2003-11-05 04:57 UTC by Jonathan Adams
Modified: 2005-11-14 09:29 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jonathan Adams 2003-11-05 04:57:23 UTC
Downloaded the latest Samba, applied the rc4 patch and compiled with gcc 2.95.3.
Our site uses plain passwords, some windows 3.1 boxes still need to connect.

Windows 95, Windows 98 and Windows 2K clients connect no hassle, same with
smbclient from many different versions of Samba.

however my NT4 (SP6+) box and our XP (SP0) box in this room cannot connect.

using auth_unix authentication (with some manual debug) umm ... NT4 box
mechanism doesn't appear to be providing _any_ password to the pass_check
function, the WinXP box only appears to be providing gibberish.

Both of these boxes work fine talking to our 2.0 and 2.2 Samba servers running
in very similar environments.
Comment 1 Jonathan Adams 2003-11-06 01:53:55 UTC
ok ... i've dug deeper ... i can get NT4 to authenticate if i modify
smbd/sesssetup.c

if i force it to use passlen1 instead of passlen2 (worked out using the unic
variable) i can authenticate my NT4 box. (line 827 ish)

since mine is the only NT4 box in the building i could fix it by checking if
it's NT4 first (which it is correctly identified as)

this doesn't fix the XP password problem.
Comment 2 Jonathan Adams 2003-11-06 02:24:47 UTC
actually, not sure what it breaks but changing:
unic=SVAL(inbuf, smb_flg2) & FLAGS2_UNICODE_STRINGS;
to
unic=SVAL(inbuf, smb_flg2) & FLAGS2_UNICODE_STRINGS && passlen2 != 0;

appears to work.
Comment 3 Jonathan Adams 2003-11-06 06:21:22 UTC
XP still doesn't work non-encrypted, but i'm assuming this is a completely
different problem.
Can't really spend much longer looking at it by myself, if you have any
thoughts, i can test them on our systems and give feedback.
Comment 4 Andrew Bartlett 2003-11-06 15:34:34 UTC
This is not a bug in the ntlm_auth utility.

Plaintext passwords on unicode connections are known to have issues, due to bugs
in the MS clients, and the basic fact that Samba is the only server to even
offer this capability.

We should fix this bug, but use of unencrypted passwords will always cause issues.
Comment 5 Andrew Bartlett 2003-12-25 02:55:04 UTC

*** This bug has been marked as a duplicate of 815 ***
Comment 6 Gerald (Jerry) Carter 2005-02-07 09:06:02 UTC
originally reported against one of the 3.0.0rc[1-4] releases.
Cleaning up non-production versions.
Comment 7 Gerald (Jerry) Carter 2005-11-14 09:29:09 UTC
database cleanup