thr3ads.net - samba - password rejected with security=server [Nov 1997]

If this information is useful, please help other people find it:
Share via:

reniers@natlab.research.philips.com

1997-Nov-28 14:32 UTC

password rejected with security=server

We use security=server and we discovered that sometimes, although the
password is correct, we received a message from our NT domaincontroller
that the password was incorrect. This happens with samba version 1.9.17p4.
It didn't occure with version 1.9.16p11.

We looked at the code in reply.c and we think there is a bug.
Our PC's ( NT4 and W95 ) send encrypted passwords. If you look into reply.c
( line 458 ), you see that there is a StrnCpy from the password, followed
by a strlen. Since the password is NOT plain text, this is not allowed.

We assume it drops into the wrong part of routine
"reply_sesssetup_and_X".

We changed line 434 from 

	 if(doencrypt )

into 

	 if(doencrypt || passlen1 == 24) 

I don't know if this is correct in all cases, but it seems to solve our
problem.

Eddy Reniers

-----------------
    Reniers, ing. C.M.E.             

    Philips Research Laboratories
    Building WY p 023, Prof. Holstlaan 4, 5656 AA Eindhoven, The Netherlands
    Phone: +31-40-2744327

    E-mail: reniers@natlab.research.philips.com

samba - Nov 1997 - password rejected with security=server

password rejected with security=server