Chere Zhou
2002-Dec-06 00:24 UTC
[Samba] smbpasswd has password length problem with the 2.2.7 security patch
I am using samba 2.2.5, and the following patch Jerry outlined in his 2.2.7 release notes. I tested it against a W2k server (in mixed mode) which had a simple one char admin password, worked fine. Recently I found that if the password is longer than 1 char, using "smbpasswd -j dom -r svr -U admin", and then input password, I get NT_STATUS_LOGON_FAILURE. If I remove the patch, or keep the password as just 1 char, smbpasswd works fine. I know the patch was originally for 2.2.6. But since Jerry outlined a simple one for older versions and 2.2.6, I only applied the simple patch as below. Can somebody tell me what other changes I need to make for 2.2.5? Anybody has a similar problem? The following is a snippet of Jerry's 2.2.7 release email: Patch for Samba versions 2.2.2 to 2.2.6 - --------------------------------------- The following patch applies cleanly to the above Samba versions and will fix the vulnerability for sites that do not wish to upgrade to 2.2.7 at this time. --------------------------------cut here--------------------------------- ---- libsmb/smbencrypt.c.orig Tue Nov 19 17:21:57 2002 +++ libsmb/smbencrypt.c Tue Nov 19 17:22:12 2002 @@ -63,7 +63,7 @@ if(len > 128) len = 128; /* Password must be converted to NT unicode - null terminated. */ - dos_struni2((char *)wpwd, (const char *)passwd, 256); + dos_struni2((char *)wpwd, (const char *)passwd, len); /* Calculate length in bytes */ len = strlen_w((const smb_ucs2_t *)wpwd) * sizeof(int16); - -------------------------------cut here---------------------------------