On Thu, 2011-10-20 at 16:01 -0500, Shirish Pargaonkar wrote: > On Thu, Oct 20, 2011 at 3:55 PM, Oskar Liljeblad <oskar@xxxxxxxxxxx> wrote: > > On Thursday, October 20, 2011 at 22:13, Oskar Liljeblad wrote: > >> I like the idea of opaque passwords as well, but the problem is that the > >> password needs to be in UCS-2 for smb. The password is passed through > >> _my_mbstowcs which converts the 8-bit password to 16-bit UCS-2 simply > >> by setting high byte to zero. So that makes opaque 8-bit passwords > >> impossible. One alternative would be to assume passwords in UTF-8 > >> regardless of iocharset. > > > > On another note, it wouldn't surprise me if Microsoft assumes UTF-16 rather > > than UCS-2 in their CIFS implementation today... > > > > Oskar > > > > > > codepage to unicode conversion does not come into picture during > authentication. codepage to unicode conversion comes into picture > once you are sending ntlm response blob over. > I do not know if ntlm response on machines with different charsets > can have that charset specific characters e.g. whether ntlm > response blob on a machine with German character set can > have an umlaut as part of ntlm response. Passwords are UTF-16, I do not think it makes any sense in 2011 to support anything else but UTF-8 to be honest. If you are using codepages on the filesystem for some legacy reason that should still not change the fact the kernel should get a password in UTF-8. If your charset does not allow you to type the correct charcter for your password you are screwed anyways it doesn't matter if before or after the conversion to URF-16 Simo. -- Simo Sorce Samba Team GPL Compliance Officer <simo@xxxxxxxxx> Principal Software Engineer at Red Hat, Inc. <simo@xxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
