problem with latest CVS
Greg Dickie
greg at discreet.com
Mon Mar 8 15:51:25 GMT 1999
Here's a silly one:
On friday I did a password change test, it worked but it put the following in
smbpasswd:
greg:1124:BD790672A412A0FEAAD3B435B51404EE:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U
]:LCT-36DE76A3:
now when I try to log-in I get a segmentation violation because of the
following:
(dbx) list 531
* 531 if (memcmp(smb_pass->smb_passwd , lm_pwd, 16) != 0 &&
532 memcmp(smb_pass->smb_nt_passwd, nt_pwd, 16) != 0)
533 {
534 status = 0xC0000000 | NT_STATUS_WRONG_PASSWORD;
535 }
536
537 return status;
538 }
539
540
/*************************************************************************
(dbx) whatis lm_pwd
char lm_pwd[16];
(dbx) p lm_pwd
0x7ffe46b8 = "\342\343\213\224z\341k3\252\323\2645\265\024\004\356"
(dbx) p nt_pwd
0x7ffe46c8 = "\223\205\f\323^\214\214.)\306tGq\203\325\367"
(dbx) p smb_pass->smb_nt_passwd
(nil)
(dbx) p *smb_pass
struct sam_passwd {
logon_time = struct nttime_info {
low = 4294967295
high = 2147483647
}
logoff_time = struct nttime_info {
low = 4294967295
high = 2147483647
}
kickoff_time = struct nttime_info {
low = 4294967295
high = 2147483647
}
pass_last_set_time = struct nttime_info {
low = 247812992
high = 29255223
}
pass_can_change_time = struct nttime_info {
low = 247812992
high = 29255223
}
pass_must_change_time = struct nttime_info {
low = 4294967295
high = 2147483647
}
unix_name = 0x101865c0 = "greg"
nt_name = 0x101866c0 = "greg"
full_name = 0x10186740 = ""
home_dir = 0x10186b40 = "\\\\cuba\\greg\\Windows"
dir_drive = 0x10186f40 = "H:"
logon_script = 0x10187340 = "logon.bat"
profile_path = 0x10187740 = "\\\\madagascar\\profiles\\greg"
acct_desc = 0x10187b40 = ""
workstations = 0x10187f40 = ""
unknown_str = (nil)
munged_dial = (nil)
unix_uid = 1124
unix_gid = 500
user_rid = 5496
More (n if no)?
group_rid = 3001
smb_passwd = 0x10188c68 =
"\275y\006r\244\022\240\376\252\323\2645\265\024\004\356\025\212t\315\036\302\02
7\021 \250-\313\3
76\243\306\302"
smb_nt_passwd = (nil)
acct_ctrl = 16
unknown_3 = 16777215
logon_divs = 168
hours_len = 21
hours =
"\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\377\37
7\377"
unknown_5 = 131072
unknown_6 = 1260
}
(dbx) lv43/6.5.3f/work/irix/lib/libc/libc_n32_M3/strings/bcmp.s":77, 0xfad6790]
> 1 net_login_interactive(id1 = 0x7ffe4bfc, smb_pass = 0x10186490, vuser =
0x101b75d0) ["/tmp_mnt/DLlocal/greg/samba/source/rp
c_server/srv_netlog.c":531, 0x100a2694]
2 api_net_sam_logon(vuid = 100, data = 0x7ffe7588, rdata = 0x101b79c4)
["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_n
etlog.c":725, 0x100a2e28]
3 api_rpc_command(p = 0x101b7898, rpc_name = 0x10164378 = "api_netlog_rpc",
api_rpc_cmds = 0x10179948, data = 0x7ffe7588) ["
/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":693, 0x100b3b6c]
4 api_rpcTNP(p = 0x101b7898, rpc_name = 0x10164378 = "api_netlog_rpc",
api_rpc_cmds = 0x10179948, data = 0x7ffe7588) ["/tmp_
mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":722, 0x100b3d4c]
5 api_netlog_rpc(p = 0x101b7898, data = 0x7ffe7588)
["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_netlog.c":885, 0x100
a331c]
6 api_pipe_request(p = 0x101b7898, pd = 0x7ffe7588)
["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":607, 0x100b3
604]
7 rpc_command(p = 0x101b7898, pd = 0x7ffe7588)
["/tmp_mnt/DLlocal/greg/samba/source/rpc_server/srv_pipe.c":643, 0x100b37bc]
8 api_fd_reply(conn = 0x101b7818, vuid = 100, outbuf = 0x101a7169 = "", setup
= 0x10192320, data = 0x101bb128 = "\005", param
s = (nil), suwcnt = 2, tdscnt = 292, tpscnt = 0, mdrcnt = 1024, mprcnt = 0)
["/tmp_mnt/DLlocal/greg/samba/source/smbd/ipc.c":32
57, 0x10036f28]
9 named_pipe(conn = 0x101b7818, vuid = 100, outbuf = 0x101a7169 = "", name =
0x7ffe772e = "", setup = 0x10192320, data = 0x1
01bb128 = "\005", params = (nil), suwcnt = 2, tdscnt = 292, tpscnt = 0, msrcnt
= 0, mdrcnt = 1024, mprcnt = 0) ["/tmp_mnt/DLloc
al/greg/samba/source/smbd/ipc.c":3475, 0x10037bd8]
10 reply_trans(conn = 0x101b7818, inbuf = 0x10196d61 = "", outbuf =
0x101a7169 = "", size = 372, bufsize = 61440) ["/tmp_mnt
/DLlocal/greg/samba/source/smbd/ipc.c":3614, 0x10038928]
11 switch_message(type = 37, inbuf = 0x10196d61 = "", outbuf = 0x101a7169 =
"", size = 372, bufsize = 61440) ["/tmp_mnt/DLlo
cal/greg/samba/source/smbd/process.c":489, 0x1006f324]
12 construct_reply(inbuf = 0x10196d61 = "", outbuf = 0x101a7169 = "", size =
372, bufsize = 61440) ["/tmp_mnt/DLlocal/greg/s
amba/source/smbd/process.c":522, 0x1006f444]
13 process_smb(inbuf = 0x10196d61 = "", outbuf = 0x101a7169 = "")
["/tmp_mnt/DLlocal/greg/samba/source/smbd/process.c":592,
0x1006f764]
14 smbd_process() ["/tmp_mnt/DLlocal/greg/samba/source/smbd/process.c":936,
0x100709f4]
More (n if no)?
In other words smb_nt_passwd is null, I assume because of the XXXXXXXs in the
passwd file.
The problem would appear to be twofold 1) password change should not put the
XXXXs and 2) smbd should not crash because of it.
Should I fix this or will some kind soul take care of it?
Thx,
Greg
---------------------------------------------------------------------
Greg Dickie
Just A Guy*
*from discreet logic
Montreal
(514) 954-7171
greg at discreet.com
More information about the samba-ntdom
mailing list