Re: [Samba] Clear text authentication impossible???
On Sun, Oct 26, 2003 at 02:20:36PM +1100, Andrew Bartlett wrote: It looks reasonable to me. Was there anything particularly wrong with 'static char zeros[8]'? (As I've used that elsewhere, and you have now got me worried...) No, I just wanted to remove static's as they are kept permanently during the program run rather than on the stack or heap. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Clear text authentication impossible???
On Fri, 2003-10-24 at 11:19, Jeremy Allison wrote: On Thu, Oct 23, 2003 at 08:51:09AM +1000, Andrew Bartlett wrote: On Thu, 2003-10-23 at 05:16, Jeremy Allison wrote: On Wed, Oct 22, 2003 at 03:27:31PM +0200, Beschorner Daniel wrote: We have an Exchange 5.5 server in our Samba 3 domain und want to have POP3 access with clear text authentication from clients. But no kind of credentials is accepted. It did a level 10 log on the Samba server and found my clear text password in the log (in nt_chal_resp and lm_chal_resp fields) during authentication. Is it possible that Samba can't handle the clear-text pass-through from POP3-Client per Exchange server and takes it for NTLMv2 challenge Can you post the debug level 10 log please (obfuscate all passwords of course :-). I picked this one up at the end of last week. I never got it into CVS, because I didn't have the setup to test it. (And I wanted to clean it up a bit, we should also handle the 'interactive' login in a similar way, and possibly 'ascii' passwords against the LM hash). Thanks to Fabien Chevalier for providing the information that made fixing this so easy. I've committed a varient of this. Andrew can you please check for correctness ? It looks reasonable to me. Was there anything particularly wrong with 'static char zeros[8]'? (As I've used that elsewhere, and you have now got me worried...) What I proposed was only an early patch, and I intend to clean this up a bit more, cope with ASCII only passwords, and add a direct deny on the password fail. But that can wait, and it's good to see this in and fixed. Thanks, Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Clear text authentication impossible???
On Thu, Oct 23, 2003 at 08:51:09AM +1000, Andrew Bartlett wrote: On Thu, 2003-10-23 at 05:16, Jeremy Allison wrote: On Wed, Oct 22, 2003 at 03:27:31PM +0200, Beschorner Daniel wrote: We have an Exchange 5.5 server in our Samba 3 domain und want to have POP3 access with clear text authentication from clients. But no kind of credentials is accepted. It did a level 10 log on the Samba server and found my clear text password in the log (in nt_chal_resp and lm_chal_resp fields) during authentication. Is it possible that Samba can't handle the clear-text pass-through from POP3-Client per Exchange server and takes it for NTLMv2 challenge Can you post the debug level 10 log please (obfuscate all passwords of course :-). I picked this one up at the end of last week. I never got it into CVS, because I didn't have the setup to test it. (And I wanted to clean it up a bit, we should also handle the 'interactive' login in a similar way, and possibly 'ascii' passwords against the LM hash). Thanks to Fabien Chevalier for providing the information that made fixing this so easy. I've committed a varient of this. Andrew can you please check for correctness ? Thanks, Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Clear text authentication impossible???
On Wed, Oct 22, 2003 at 03:27:31PM +0200, Beschorner Daniel wrote: We have an Exchange 5.5 server in our Samba 3 domain und want to have POP3 access with clear text authentication from clients. But no kind of credentials is accepted. It did a level 10 log on the Samba server and found my clear text password in the log (in nt_chal_resp and lm_chal_resp fields) during authentication. Is it possible that Samba can't handle the clear-text pass-through from POP3-Client per Exchange server and takes it for NTLMv2 challenge Can you post the debug level 10 log please (obfuscate all passwords of course :-). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Clear text authentication impossible???
On Thu, 2003-10-23 at 05:16, Jeremy Allison wrote: On Wed, Oct 22, 2003 at 03:27:31PM +0200, Beschorner Daniel wrote: We have an Exchange 5.5 server in our Samba 3 domain und want to have POP3 access with clear text authentication from clients. But no kind of credentials is accepted. It did a level 10 log on the Samba server and found my clear text password in the log (in nt_chal_resp and lm_chal_resp fields) during authentication. Is it possible that Samba can't handle the clear-text pass-through from POP3-Client per Exchange server and takes it for NTLMv2 challenge Can you post the debug level 10 log please (obfuscate all passwords of course :-). I picked this one up at the end of last week. I never got it into CVS, because I didn't have the setup to test it. (And I wanted to clean it up a bit, we should also handle the 'interactive' login in a similar way, and possibly 'ascii' passwords against the LM hash). Thanks to Fabien Chevalier for providing the information that made fixing this so easy. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Clear text authentication impossible???
Ok, here it comes. Samba PDC is called server, Exchange got the fantastic name exchange, domain is i-bn. I changed the password to p.a.s.s.w.o.r.d and PASSWORD at both occurrences, originally it was lower case, too. Daniel -Ursprüngliche Nachricht- Von: Jeremy Allison [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 22. Oktober 2003 21:16 An: Beschorner Daniel Cc: '[EMAIL PROTECTED]' Betreff: Re: [Samba] Clear text authentication impossible??? On Wed, Oct 22, 2003 at 03:27:31PM +0200, Beschorner Daniel wrote: We have an Exchange 5.5 server in our Samba 3 domain und want to have POP3 access with clear text authentication from clients. But no kind of credentials is accepted. It did a level 10 log on the Samba server and found my clear text password in the log (in nt_chal_resp and lm_chal_resp fields) during authentication. Is it possible that Samba can't handle the clear-text pass-through from POP3-Client per Exchange server and takes it for NTLMv2 challenge Can you post the debug level 10 log please (obfuscate all passwords of course :-). Jeremy. [2003/10/22 14:55:29, 5] lib/debug.c:debug_dump_status(359) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 [2003/10/22 14:55:41, 10] lib/util_sock.c:read_smb_length_return_keepalive(463) got smb length of 400 [2003/10/22 14:55:41, 6] smbd/process.c:process_smb(889) got message type 0x0 of len 0x190 [2003/10/22 14:55:41, 3] smbd/process.c:process_smb(890) Transaction 78 of length 404 [2003/10/22 14:55:41, 5] lib/util.c:show_msg(456) [2003/10/22 14:55:41, 5] lib/util.c:show_msg(466) size=400 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=4992 smt_wct=14 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]=29711 (0x740F) smb_vwv[ 3]=0 (0x0) smb_vwv[ 4]=0 (0x0) smb_vwv[ 5]=65535 (0x) smb_vwv[ 6]=65535 (0x) smb_vwv[ 7]=8 (0x8) smb_vwv[ 8]= 336 (0x150) smb_vwv[ 9]=0 (0x0) smb_vwv[10]= 336 (0x150) smb_vwv[11]= 64 (0x40) smb_vwv[12]=0 (0x0) smb_vwv[13]=0 (0x0) smb_bcc=337 [2003/10/22 14:55:41, 10] lib/util.c:dump_data(1825) [000] EE 05 00 00 03 10 00 00 00 50 01 20 00 05 00 00 ... .P. [010] 00 0E 01 00 00 00 00 02 00 92 0D 4E EE C7 0D 98 ...N.. [020] 8A 34 38 32 F5 C7 17 DC 82 B5 58 F0 72 A1 C2 4D .482õ. .æXðrÂM [030] 09 51 64 72 38 80 38 43 44 2A 1C 63 19 5F 2F 96 .Qdr8.8C D*.c._/. [040] C3 62 11 84 4A C2 94 E7 42 E1 DF B7 F1 B1 1F 7F Ãb..JÂ. B áú¤ñ.. [050] 08 ED DE C2 A3 8B AF 25 9C E6 C4 45 9D 30 88 8D .¡ÞÂ.»% .E.0.. [060] 6D 7D 0C 57 09 90 1B 12 45 73 6A F1 09 DF 74 4D m}.W Esj¤.átM [070] 54 8E 61 A1 77 48 A9 25 23 DA 47 C5 9A E9 41 CC T.awH©% #ÚG.AÌ [080] AE 86 D6 A4 2B 8C 5A 88 AD 38 1F D0 EA C7 36 3E ½.±+.Z. í8.Ð6 [090] AB 23 09 0F 54 96 68 5A FC 58 52 FC AB 55 0D 9D ®#..T.hZ XR®U.. [0A0] 02 EC B8 FC 1A B3 0D AB 97 14 48 00 8C 59 49 E6 .¸.³.® ..H..YI [0B0] 1C E3 99 43 89 1D 2E DB A0 46 FA 11 6B 82 C4 3F .ã.C...Û ÿF£.k.? [0C0] E0 03 DA E7 04 35 DE 31 A0 FB 1A DA 14 BE 48 D3 .Ú.5Þ1 ÿ.Ú.¾HÓ [0D0] 74 E3 AF 92 BB F9 24 0A D3 47 D4 B6 7F BB D6 BE tã».¯$. ÓGÔ.¯¾ [0E0] 20 D8 A0 BA 7F 86 E2 2C 1A 8B 0A 19 86 A7 E0 98 Øÿ§.., . . [0F0] B4 C8 25 06 AE 61 B3 3C C2 26 BB 17 FD EA D8 73 ´È%.½a³ ¯.²Øs [100] CD B6 F7 9A B1 64 7C CF CA 00 07 25 05 72 69 C2 Íö.ñd|Ï Ê..%.ri [110] 06 CF 8D C4 78 88 E8 8C 4C C6 0D 5B 0A 54 49 3A .Ï.x.. L.[.TI: [120] F9 A6 4E 96 81 5C 27 60 2F 44 06 02 00 20 74 09 ¼N..\'` /D... t. [130] 00 77 00 7A 00 FF FF 00 00 7F 2D FB 2C A7 0F 4B .w.z.. ..-,.K [140] BE 1C A8 2B 05 F1 20 D7 B5 9F 17 31 1E 97 0D 3C ¾.¿+.¤ × æ..1... [150] EC [2003/10/22 14:55:41, 3] smbd/process.c:switch_message(685) switch message SMBwriteX (pid 16801) [2003/10/22 14:55:41, 4] smbd/uid.c:change_to_user(122) change_to_user: Skipping user change - already user [2003/10/22 14:55:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1151) search for pipe pnum=740f [2003/10/22 14:55:41, 5] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1155) pipe name NETLOGON pnum=740f (pipes_open=2) [2003/10/22 14:55:41, 5] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1155) pipe name NETLOGON pnum=740d (pipes_open=2) [2003/10/22 14:55:41, 6] rpc_server/srv_pipe_hnd.c:write_to_pipe(852) write_to_pipe: 740f name: NETLOGON open: Yes len: 336 [2003/10/22 14:55:41, 10] rpc_server/srv_pipe_hnd.c:write_to_internal_pipe(874) write_to_pipe: data_left = 336 [2003/10/22 14:55:41, 10] rpc_server/srv_pipe_hnd.c:process_incoming_data(778) process_incoming_data: Start
RE: [Samba] Clear text authentication impossible???
So I'm only the 2nd winner with this bug :-) Thank you, it works! (got to move the definition of pwhash[16] one line higher in the patch to compile) Daniel -Ursprüngliche Nachricht- Von: Andrew Bartlett [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 23. Oktober 2003 00:51 An: Jeremy Allison Cc: Beschorner Daniel; '[EMAIL PROTECTED]' Betreff: Re: [Samba] Clear text authentication impossible??? On Thu, 2003-10-23 at 05:16, Jeremy Allison wrote: On Wed, Oct 22, 2003 at 03:27:31PM +0200, Beschorner Daniel wrote: We have an Exchange 5.5 server in our Samba 3 domain und want to have POP3 access with clear text authentication from clients. But no kind of credentials is accepted. It did a level 10 log on the Samba server and found my clear text password in the log (in nt_chal_resp and lm_chal_resp fields) during authentication. Is it possible that Samba can't handle the clear-text pass-through from POP3-Client per Exchange server and takes it for NTLMv2 challenge Can you post the debug level 10 log please (obfuscate all passwords of course :-). I picked this one up at the end of last week. I never got it into CVS, because I didn't have the setup to test it. (And I wanted to clean it up a bit, we should also handle the 'interactive' login in a similar way, and possibly 'ascii' passwords against the LM hash). Thanks to Fabien Chevalier for providing the information that made fixing this so easy. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba