[Bug 2583] rsync fails with "authentication failure"

samba-bugs at samba.org samba-bugs at samba.org
Sat Apr 9 17:38:17 GMT 2005


wayned at samba.org changed:

           What    |Removed                     |Added
             Status|NEW                         |ASSIGNED

------- Additional Comments From wayned at samba.org  2005-04-09 10:38 -------
My first thought was that perhaps the combined length of the password and the
challenge string might be 64 characters, which is an MD4 length that used to
have a problem in older rsync versions.  However, since the password exchange
happens after we've negotiated a protocol_version, this should always be handled
in a compatible manner.

Here's what I would recommend:  edit the code in authenticate.c to add some
fprintf(stderr, ...) calls to the auth_server() function that will mention what
data is being received and compared.  If you output the "line" read from the
client after the read_line() call (it needs a newline):

    fprintf(stderr, "%s\n", line);

That will contain the username, a space, and the MD4 hash of the challenge
string combined with the password from the client.

Then, output the pass2 variable after the generate_hash() call:

fprintf(stderr, "%s\n", pass2);

That value should match the MD4 hash from the "line" output.  You'll need to
stop the daemon and run the freshly-compiled debug version using --no-detach to
see the messages on stderr:

    ./rsync --daemon --no-detach

That should help you to figure out where the failure is occurring in the
authorization code.  You can feel free to email me with what you discover (or
summarize to this bug-report -- whatever you prefer).

Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

More information about the rsync mailing list