Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
Hello World,
A Debian user has found a bug in CVSNT 2.5.03 build 2382. He has
provided a patch. Here is his description and the patch.
Best regards
Andreas
--- BEGIN MESSAGE ---
NTLMSSP authentication against a Windows cvsnt server fails.
I have an older, hacked cvsnt version which works, and by comparing
tcpdumps I found out that the pointer field of the second
string (domain/workstation) of the type 1 NTLM message
built by buildSmbNtlmAuthRequest() points past the end
of the message when the domain argument is an empty string.
The server then immediately rejects the auth request
with a "[80090308] The parameter is incorrect." reply.
The attached patch fixes this, and makes NTLM auth work for me.
(The older cvsnt version I have set the offset field
to some totally bogus value when the string length is
zero, thus I believe the offset value doesn't matter
at all in this case, as long as it doesn't point past
the end of the packet.)
Thanks,
Johannes
--- END MESSAGE ---
--
Andreas Tscharner andreas.tscharner at metromec.ch
------------------------------------------------------------------------
And the beast shall come forth surrounded by a roiling cloud of
vengeance. The house of the unbelievers shall be razed and they shall be
scorched to the earth. Their tags shall blink until the end of days.
-- The Book of Mozilla 12:10
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cvsnt-2.5.03.2382-ntlmssp-auth-fix.patch
Url: http://www.cvsnt.org/pipermail/cvsnt-dev/attachments/20061023/fcab633b/attachment.diff