ntpasswd not UTF-8 safe?

Josh Howlett josh.howlett at bristol.ac.uk
Tue Jul 25 10:51:16 CEST 2006

I don't think that the ntpasswd function in smbencrypt.c is safe with  
multi-byte character encodings, such as UTF-8.

I think that the problem is in the conversion of the password to  
Unicode, for the construction of the NT hash. The function assumes a  
single-byte character-set encoding (which works fine for Latin1, etc)  
but not for multi-byte encodings such as UTF-8.

I'm not quite sure what the best approach to fix this is; does anyone  
have any suggestions?

best regards, josh.

Josh Howlett, Networking Specialist, University of Bristol.
email: josh.howlett at bristol.ac.uk | phone: +44 (0)7867 907076 |  
internal: 7850

More information about the Freeradius-Devel mailing list