reniers@natlab.research.philips.com
1997-Nov-28 14:32 UTC
password rejected with security=server
We use security=server and we discovered that sometimes, although the password is correct, we received a message from our NT domaincontroller that the password was incorrect. This happens with samba version 1.9.17p4. It didn't occure with version 1.9.16p11. We looked at the code in reply.c and we think there is a bug. Our PC's ( NT4 and W95 ) send encrypted passwords. If you look into reply.c ( line 458 ), you see that there is a StrnCpy from the password, followed by a strlen. Since the password is NOT plain text, this is not allowed. We assume it drops into the wrong part of routine "reply_sesssetup_and_X". We changed line 434 from if(doencrypt ) into if(doencrypt || passlen1 == 24) I don't know if this is correct in all cases, but it seems to solve our problem. Eddy Reniers ----------------- Reniers, ing. C.M.E. Philips Research Laboratories Building WY p 023, Prof. Holstlaan 4, 5656 AA Eindhoven, The Netherlands Phone: +31-40-2744327 E-mail: reniers@natlab.research.philips.com