[cifs-protocol] RE: Other types of Kerberos messages on SamLogon Generic

Andrew Bartlett abartlet at samba.org
Mon Sep 22 21:01:58 GMT 2008

On Wed, 2008-09-17 at 14:02 -0700, Hongwei Sun wrote:
> Andrew,
>   After running Samba RPC-PAC test, analyzing network trace  and
> reviewing its source code, we think that we found the problem in the
> Sambatorture  implementation.   In the loop of setting message type
> from 0x00 to 0xFF, the test program sends the exactly same
> PAC_Validate buffer for each call.  This can be observed from the
> network trace.  Then we confirmed that in ndr_push_PAC_Validate(),
> which marshals the PAC_Validate structure,  message type is always set
> to NETLOGON_GENERIC_KRB5_PAC_VALIDATE (0x3).  That explains why
> Microsoft servers always return NT_STATUS_OK for all the calls in your
> test.

That makes much more sense. 

>   We also found that the other tests(wrong length, corrupted data, bad
> signature etc)  performed by Smbtorture failed as expected.
>   Please let us know if what we found is correct.

Thank-you very much for your analysis, particularly the level to which
you were willing to dig into this.   I'll fix the test to avoid the
pointless looping :-)

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080922/9df667cb/attachment.bin

More information about the cifs-protocol mailing list