Joey Collins
2003-Jan-03 02:30 UTC
[Samba] Error in SNIA spec wrt. SessionSetupAndX response when dialect is NT LM 0.12
Good evening, On the bottom of page 53, section 4.1.2.2 in the SNIA spec (http://www.snia.org/tech_activities/CIFS/CIFS-TR-1p00_FINAL.pdf), it states if the dialect is NT LM 0.12 and extended security is off (I.e., use "traditional" NTLMv2/NTLMv2 authentication w/o SecurityBlobs), the SessionSetupAndX response is as shown in section 4.1.2.2 with a word count = 4. However, what I have noticed is this is not the case, but rather, if you are doing NTLMv2 or NTLMv1 authentication w/o extended security, the SessionSetupAndX is really the one shown in 4.1.2.1 with a word count = 3. I tried this a few times, using NT4.0 + SP 6a client against NT4.0 + SP 6a, and Win2k + SP 3 against the NT4.0 + SP 6a server and all resulted in the same SessionSetupAndX response--the one shown in section 4.1.2.1 with a wc = 3. Am I doing something funky to get this result or is this in fact an issue in the spec? thank you and enjoy the evening. Joey.
Andrew Bartlett
2003-Jan-03 03:06 UTC
[Samba] Error in SNIA spec wrt. SessionSetupAndX response when dialect is NT LM 0.12
On Fri, 2003-01-03 at 13:28, Joey Collins wrote:> > Good evening, > > On the bottom of page 53, section 4.1.2.2 in the SNIA spec > (http://www.snia.org/tech_activities/CIFS/CIFS-TR-1p00_FINAL.pdf), it > states if the dialect is NT LM 0.12 and extended security is off (I.e., > use "traditional" NTLMv2/NTLMv2 authentication w/o SecurityBlobs), the > SessionSetupAndX response is as shown in section 4.1.2.2 with a word > count = 4. However, what I have noticed is this is not the case, but > rather, if you are doing NTLMv2 or NTLMv1 authentication w/o extended > security, the SessionSetupAndX is really the one shown in 4.1.2.1 with a > word count = 3. I tried this a few times, using NT4.0 + SP 6a client > against NT4.0 + SP 6a, and Win2k + SP 3 against the NT4.0 + SP 6a server > and all resulted in the same SessionSetupAndX response--the one shown in > section 4.1.2.1 with a wc = 3. > > Am I doing something funky to get this result or is this in fact an > issue in the spec?Given that's what Samba returns, I would knock it up as an error in the spec. I've CC'ed Steve French, so see if he knows how to get such errata into the next version. For detailed protocol questions, I would suggest joining the developers list - samba-technical@samba.org, and the developers IRC channel #samba-technical on irc.freenode.net. (NOTE to other list-members: These are for technical discussions of Samba internals, and is not a help channel) Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20030103/6d57968c/attachment.bin
Reasonably Related Threads
- NTLMv1 v. NTLMv2 ; more than one "identity" on a TCP connection
- Unable to map AD Users to existing local Unix users since 4.8.x
- SNIA 2008 Storage Developer Conference CIFS/SMB/SMB2 Plugfest
- Is NFSv4 dead ? Samba report from the SNIA SDC conference.
- allow trusted domains