Problems with Samba 2.0.6 under Solaris 7

Armstrong, Scott armstron at nvl.army.mil
Wed Apr 19 10:58:31 GMT 2000 

We've inadvertently discovered a bug in the client_name function when our
dns was temporarily damaged. We have a "hosts allow" function that has IP
addresses only to contrain mounts to within our network. When clients would
attempt to connect, if their reverse IP lookup failed - in theory just to
log the name of the connecting host, the originating IP address was being
mangled and the connection denied.

The log entries are shown as follows

[2000/04/18 15:42:19, 0] [lib/util_sock.c2000/04/18 15:42:19:, 0client_addr]
(li
b/util_sock.c1035:)
client_addr  getpeername failed. Error was Transport endpoint is not
connected
(1035)
  getpeername failed. Error was Transport endpoint is not connected
[2000/04/18 15:42:19, 0] lib/access.c:check_access(262[)
2000/04/18 15:42:19, 0] lib/access.c:check_access[(2622000/04/18 15:42:19)
, 0] lib/util_sock.c:client_addr[(2000/04/18 15:42:191035, 0)
]   getpeername failed. Error was Transport endpoint is not connected
lib/util_sock.c  Denied connection from 0.0.0.0 (0.0.0.0)
:client_addr(1035)
[  getpeername failed. Error was Transport endpoint is not connected
2000/04/18 15:42:19  Denied connection from 0.0.0.0 (0.0.0.0)
, 1] smbd/process.c:process_smb[(6082000/04/18 15:42:19)
, 1] smbd/process.c:process_smb[(6082000/04/18 15:42:19)
, 0] lib/util_sock.c:client_addr[(2000/04/18 15:42:191035, 0)
]   getpeername failed. Error was Transport endpoint is not connected
ib/util_sock.c  Connection denied from 0.0.0.0

As a result, even systems that met the IP address criteria within the "hosts
allow" parameter were being denied access. I would imagine there's some sort
of buffer overflow or pointer mangling taking place, but (ALAS) it's been
YEARS since my job duties included programming.

We've also seen a number of sporadic server authentication failures under
"server = domain". Initially I thought it to be a loading issue so I pointed
each Samba server at a different Domain Controller. The domain controllers
are logging an event 5722 (The session setup from the computer XENA failed
to authenticate. The name of the account referenced in the security database
is XENA$.  The following error occurred: Access is denied. )

The following error messages were logged by Samba -
/var/log.smb.tedward2:  cli_nt_session_open: cli_nt_create failed on pipe
\NETLOGON to machine CATERPILLAR.  Error was ERRDOS - ERRpipebusy (All
instances of the requested pipe are busy.)
/var/log.smb.tedward2:  domain_client_validate: unable to open the domain
client session to machine CATERPILLAR. Error was : ERRDOS - ERRpipebusy (All
instances of the requested pipe are busy.).

/var/log.smb.plov2000:  connect_to_domain_password_server: unable to connect
to SMB server on machine CATERPILLAR. Error was : code 0.
/var/log.smb.plov2000:  connect_to_domain_password_server: unable to connect
to SMB server on machine CATERPILLAR. Error was : code 0.

Since the message in the event log indicates the actual Samba server name,
there could be a problem in the RPC code. It manifests istelf on the client
as a password prompt and if they retype their password the connection is
allowed.

Please let me know if additional logs and higher log settings will help. I
will be glad to supply whatever information is necessary to resolve the
issue.

Scott

===============================================================
 
Scott Armstrong                    In the days before volcanoes
Department of the Army             were invented, lava had to be
Night Vision and Electronic        hand carried down from the
Sensors                            mountain and poured on the
AMSEL-RD-NV-SSA-NS                 sleeping villagers.
10221 Burbeck Road                 This took a great deal of
Ft. Belvoir, VA 22060-5806         time.
armstron at NVL.ARMY.MIL
Voice (703) 704-1764
Fax   (703) 704-1953

More information about the samba mailing list