problem with latest CVS

Greg Dickie greg at discreet.com
Mon Mar 8 15:51:25 GMT 1999


Here's a silly one:

  On Friday I ran a password change test. It worked, but it put the following in
smbpasswd:

greg:1124:BD790672A412A0FEAAD3B435B51404EE:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U 
        ]:LCT-36DE76A3:

Now when I try to log in I get a segmentation violation because of the
following:


(dbx) list 531
 * 531          if (memcmp(smb_pass->smb_passwd   , lm_pwd, 16) != 0 &&
   532              memcmp(smb_pass->smb_nt_passwd, nt_pwd, 16) != 0)
   533          {
   534                  status = 0xC0000000 | NT_STATUS_WRONG_PASSWORD;
   535          }
   536  
   537          return status;
   538  }
   539  
   540 
/*************************************************************************
(dbx) whatis lm_pwd
char lm_pwd[16];
(dbx) p lm_pwd
0x7ffe46b8 = "\342\343\213\224z\341k3\252\323\2645\265\024\004\356" 
(dbx) p nt_pwd
0x7ffe46c8 = "\223\205\f\323^\214\214.)\306tGq\203\325\367" 
(dbx) p smb_pass->smb_nt_passwd 
(nil) 
(dbx) p *smb_pass
struct sam_passwd {
    logon_time = struct nttime_info {
        low = 4294967295
        high = 2147483647
    }
    logoff_time = struct nttime_info {
        low = 4294967295
        high = 2147483647
    }
    kickoff_time = struct nttime_info {
        low = 4294967295
        high = 2147483647
    }
    pass_last_set_time = struct nttime_info {
        low = 247812992
        high = 29255223
    }
    pass_can_change_time = struct nttime_info {
        low = 247812992
        high = 29255223
    }
    pass_must_change_time = struct nttime_info {
        low = 4294967295
        high = 2147483647
    }
    unix_name = 0x101865c0 = "greg"
    nt_name = 0x101866c0 = "greg"
    full_name = 0x10186740 = ""
    home_dir = 0x10186b40 = "\\\\cuba\\greg\\Windows"
    dir_drive = 0x10186f40 = "H:"
    logon_script = 0x10187340 = "logon.bat"
    profile_path = 0x10187740 = "\\\\madagascar\\profiles\\greg"
    acct_desc = 0x10187b40 = ""
    workstations = 0x10187f40 = ""
    unknown_str = (nil)
    munged_dial = (nil)
    unix_uid = 1124
    unix_gid = 500
    user_rid = 5496
More (n if no)? 
    group_rid = 3001
    smb_passwd = 0x10188c68 =
"\275y\006r\244\022\240\376\252\323\2645\265\024\004\356\025\212t\315\036\302\02
7\021 \250-\313\3
76\243\306\302"
    smb_nt_passwd = (nil)
    acct_ctrl = 16
    unknown_3 = 16777215
    logon_divs = 168
    hours_len = 21
    hours =
"\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\37
7\377"
    unknown_5 = 131072
    unknown_6 = 1260
} 
(dbx) lv43/6.5.3f/work/irix/lib/libc/libc_n32_M3/strings/bcmp.s":77, 0xfad6790]
>  1 net_login_interactive(id1 = 0x7ffe4bfc, smb_pass = 0x10186490, vuser =
0x101b75d0) ["/tmp_mnt/DLlocal/greg/samba/source/rp
c_server/srv_netlog.c":531, 0x100a2694]
   2 api_net_sam_logon(vuid = 100, data = 0x7ffe7588, rdata = 0x101b79c4)
["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_n
etlog.c":725, 0x100a2e28]
   3 api_rpc_command(p = 0x101b7898, rpc_name = 0x10164378 = "api_netlog_rpc",
api_rpc_cmds = 0x10179948, data = 0x7ffe7588) ["
/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":693, 0x100b3b6c]
   4 api_rpcTNP(p = 0x101b7898, rpc_name = 0x10164378 = "api_netlog_rpc",
api_rpc_cmds = 0x10179948, data = 0x7ffe7588) ["/tmp_
mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":722, 0x100b3d4c]
   5 api_netlog_rpc(p = 0x101b7898, data = 0x7ffe7588)
["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_netlog.c":885, 0x100
a331c]
   6 api_pipe_request(p = 0x101b7898, pd = 0x7ffe7588)
["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":607, 0x100b3
604]
   7 rpc_command(p = 0x101b7898, pd = 0x7ffe7588)
["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":643, 0x100b37bc]
 
  8 api_fd_reply(conn = 0x101b7818, vuid = 100, outbuf = 0x101a7169 = "", setup
= 0x10192320, data = 0x101bb128 = "\005", param
s = (nil), suwcnt = 2, tdscnt = 292, tpscnt = 0, mdrcnt = 1024, mprcnt = 0)
["/tmp_mnt/DLlocal/greg/samba/source/smbd/ipc.c":32
57, 0x10036f28]
   9 named_pipe(conn = 0x101b7818, vuid = 100, outbuf = 0x101a7169 = "", name =
0x7ffe772e = "", setup = 0x10192320, data = 0x1
01bb128 = "\005", params = (nil), suwcnt = 2, tdscnt = 292, tpscnt = 0, msrcnt
= 0, mdrcnt = 1024, mprcnt = 0) ["/tmp_mnt/DLloc
al/greg/samba/source/smbd/ipc.c":3475, 0x10037bd8]
   10 reply_trans(conn = 0x101b7818, inbuf = 0x10196d61 = "", outbuf =
0x101a7169 = "", size = 372, bufsize = 61440) ["/tmp_mnt
/DLlocal/greg/samba/source/smbd/ipc.c":3614, 0x10038928]
   11 switch_message(type = 37, inbuf = 0x10196d61 = "", outbuf = 0x101a7169 =
"", size = 372, bufsize = 61440) ["/tmp_mnt/DLlo
cal/greg/samba/source/smbd/process.c":489, 0x1006f324]
   12 construct_reply(inbuf = 0x10196d61 = "", outbuf = 0x101a7169 = "", size =
372, bufsize = 61440) ["/tmp_mnt/DLlocal/greg/s
amba/source/smbd/process.c":522, 0x1006f444]
   13 process_smb(inbuf = 0x10196d61 = "", outbuf = 0x101a7169 = "")
["/tmp_mnt/DLlocal/greg/samba/source/smbd/process.c":592, 
0x1006f764]
   14 smbd_process() ["/tmp_mnt/DLlocal/greg/samba/source/smbd/process.c":936,
0x100709f4]
More (n if no)?


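In other words, smb_nt_passwd is NULL, I assume because of the XXXXXXXs in the
NT hash field of the smbpasswd entry, and the second memcmp (line 532) is handed
that null pointer with no check, which is where the trace ends up (in bcmp).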


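The problem would appear to be twofold: 1) the password change should not put the
XXXXs in the file, and 2) smbd should not crash because of it. A missing NT hash
should be checked for before the comparison rather than passed to memcmp,
since the trace shows this code is reached from a network logon request
(api_net_sam_logon).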

Should I fix this or will some kind soul take care of it?

Thx,
Greg

---------------------------------------------------------------------
Greg Dickie
Just A Guy*
*from discreet logic
Montreal 
(514) 954-7171
greg at discreet.com


