2.2 byte order problem while reading SID info?

P Ranjit Kumar ranjit at cup.hp.com
Tue Apr 17 19:04:26 GMT 2001


Hi All,

I am playing around with supporting Samba 2.2 ACLs on HPUX 11.xx.

Problem:
When viewing permissions on a file from NT 4.0 explorer, NT shows SIDs
instead of username and group name.

Debugging status:
I realized api_lsa_lookup_sids() is used to look up SIDs on the Samba
server. Down the function call graph, this function unmarshalls the
SIDs from SMB buffer to DOM_SID structures.

I debugged it a little more and realized that the sub_auths array in the
DOM_SID structure isn't read in proper byteorder.

So the SIDs aren't mapped to the names properly. When I run the same test
against a 207 server, it shows proper names against the SIDs.

I changed the smb_io_dom_sid function in 2.2 source so it reads the
smb_auths array elements one by one (using prs_uint32) instead of reading
all at a time (using prs_uint32s). Now 2.2 displays proper names instead of
SIDs in the ACL permissions window. So I am thinking, maybe there is a
problem with the way DBG_RW_PIVAL works in 2.2 (this macro is changed from
2.0.7).

My question:
Does anyone already know of this problem? Any fix available? I am already
trying to see what's the change from 207 and what caused the problem.

Here are the relevant log entries.

Here is the RPC packet data captured when running 2.2

  [000] 5C 50 49 50 45 5C 00 00  00 05 00 00 03 10 00 00  \PIPE\.. ........
[2001/04/16 11:12:56, 10] lib/util.c:(1519)
  [010] 00 C8 00 00 00 02 00 00  00 B0 00 00 00 00 00 0F  ........ ........
[2001/04/16 11:12:56, 10] lib/util.c:(1519)
  [020] 00 00 00 00 00 00 00 00  01 00 00 00 00 28 36 DB  ........ .....(6.
[2001/04/16 11:12:56, 10] lib/util.c:(1519)
  [030] 3A 82 6E 00 00 04 00 00  00 A8 3A 15 00 04 00 00  :.n..... ..:.....
[2001/04/16 11:12:56, 10] lib/util.c:(1519)
  [040] 00 78 4D 18 00 90 75 14  00 80 5B 14 00 CC 11 19  .xM...u. ..[.....
[2001/04/16 11:12:56, 10] lib/util.c:(1519)
  [050] 00 01 00 00 00 01 01 00  00 00 00 00 01 00 00 00  ........ ........
>>>> interpreted data
[2001/04/16 11:12:56, 10] lib/util.c:(1519)
  [060] 00 05 00 00 00 01 05 00  00 00 00 00 05 15 00 00  ........ ........
[2001/04/16 11:12:56, 10] lib/util.c:(1519)
  [070] 00 5E 5A D0 D3 CE 90 A4  45 F1 6C 0E EA 11 04 00  .^Z..... E.l.....
[2001/04/16 11:12:56, 10] lib/util.c:(1519)
  [080] 00
<<<<<<
 05 00 00 00 01 05 00  00 00 00 00 05 15 00 00  ........ ........
[2001/04/16 11:12:57, 10] lib/util.c:(1519)
  [090] 00 5E 5A D0 D3 CE 90 A4  45 F1 6C 0E EA B4 04 00  .^Z..... E.l.....
[2001/04/16 11:12:57, 10] lib/util.c:(1519)
  [0A0] 00 05 00 00 00 01 05 00  00 00 00 00 05 15 00 00  ........ ........
[2001/04/16 11:12:57, 10] lib/util.c:(1519)
  [0B0] 00 5E 5A D0 D3 CE 90 A4  45 F1 6C 0E EA B4 04 00  .^Z..... E.l.....
[2001/04/16 11:12:57, 10] lib/util.c:(1519)
  [0C0] 00 00 00 00 00 00 00 00  00 01 00 FF 7F 00 00 00  ........ ........
[2001/04/16 11:12:57, 10] lib/util.c:(1519)
  [0D0] 00


Here is how .. 2.2 interprets it.

         000040 smb_io_dom_sid2 sid[1]
[2001/04/16 11:12:57, 5] rpc_parse/parse_prs.c:(516)
              0040 num_auths: 00000005
[2001/04/16 11:12:57, 8] rpc_parse/parse_prs.c:(63)
              000044 smb_io_dom_sid sid
[2001/04/16 11:12:57, 5] rpc_parse/parse_prs.c:(484)
                  0044 sid_rev_num: 01
[2001/04/16 11:12:57, 5] rpc_parse/parse_prs.c:(484)
                  0045 num_auths  : 05
[2001/04/16 11:12:57, 5] rpc_parse/parse_prs.c:(484)
                  0046 id_auth[0] : 00
[2001/04/16 11:12:57, 5] rpc_parse/parse_prs.c:(484)
                  0047 id_auth[1] : 00
[2001/04/16 11:12:57, 5] rpc_parse/parse_prs.c:(484)
                  0048 id_auth[2] : 00
[2001/04/16 11:12:57, 5] rpc_parse/parse_prs.c:(484)
                  0049 id_auth[3] : 00
[2001/04/16 11:12:57, 5] rpc_parse/parse_prs.c:(484)
                  004a id_auth[4] : 00
[2001/04/16 11:12:57, 5] rpc_parse/parse_prs.c:(484)
                  004b id_auth[5] : 05
[2001/04/16 11:12:57, 5] rpc_parse/parse_prs.c:(564)
                  004c sub_auths : 15000000 5e5ad0d3 ce90a445 f16c0eea 11040000


Here is how 2.0.7 interprets the data.

2001/04/16 11:19:13, 10] lib/util.c:(2918)
  [000] 5C 50 49 50 45 5C 00 00  00 05 00 00 03 10 00 00  \PIPE\.. ........
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [010] 00 C8 00 00 00 02 00 00  00 B0 00 00 00 00 00 0F  ........ ........
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [020] 00 00 00 00 00 04 05 06  07 08 09 0A 0B 0C 0D 0E  ........ ........
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [030] 0F 10 11 12 13 04 00 00  00 08 90 17 00 04 00 00  ........ ........
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [040] 00 C0 EE 16 00 D0 9A 16  00 80 5B 14 00 CC 11 19  ........ ..[.....
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [050] 00 01 00 00 00 01 01 00  00 00 00 00 01 00 00 00  ........ ........

>>>> interpreted data

[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [060] 00 05 00 00 00 01 05 00  00 00 00 00 05 15 00 00  ........ ........
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [070] 00 5E 5A D0 D3 CE 90 A4  45 F1 6C 0E EA 11 04 00  .^Z..... E.l.....
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [080] 00

<<<<<<<

 05 00 00 00 01 05 00  00 00 00 00 05 15 00 00  ........ ........
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [090] 00 5E 5A D0 D3 CE 90 A4  45 F1 6C 0E EA B4 04 00  .^Z..... E.l.....
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [0A0] 00 05 00 00 00 01 05 00  00 00 00 00 05 15 00 00  ........ ........
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [0B0] 00 5E 5A D0 D3 CE 90 A4  45 F1 6C 0E EA B4 04 00  .^Z..... E.l.....
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [0C0] 00 00 00 00 00 00 00 00  00 01 00 FF 7F 00 00 00  ........ ........
[2001/04/16 11:19:13, 10] lib/util.c:(2926)
  [0D0] 00                                                .

[2001/04/16 11:19:13, 7] rpc_parse/parse_prs.c:(37)
          000040 smb_io_dom_sid2 sid[1]
[2001/04/16 11:19:13, 5] rpc_parse/parse_prs.c:(391)
              0040 num_auths: 00000005
[2001/04/16 11:19:13, 8] rpc_parse/parse_prs.c:(37)
              000044 smb_io_dom_sid sid
[2001/04/16 11:19:13, 5] rpc_parse/parse_prs.c:(359)
                  0044 sid_rev_num: 01
[2001/04/16 11:19:13, 5] rpc_parse/parse_prs.c:(359)
                  0045 num_auths  : 05
[2001/04/16 11:19:13, 5] rpc_parse/parse_prs.c:(359)
                  0046 id_auth[0] : 00
[2001/04/16 11:19:13, 5] rpc_parse/parse_prs.c:(359)
                  0047 id_auth[1] : 00
[2001/04/16 11:19:13, 5] rpc_parse/parse_prs.c:(359)
                  0048 id_auth[2] : 00
[2001/04/16 11:19:13, 5] rpc_parse/parse_prs.c:(359)
                  0049 id_auth[3] : 00
[2001/04/16 11:19:13, 5] rpc_parse/parse_prs.c:(359)
                  004a id_auth[4] : 00
[2001/04/16 11:19:13, 5] rpc_parse/parse_prs.c:(359)
                  004b id_auth[5] : 05
[2001/04/16 11:19:13, 5] rpc_parse/parse_prs.c:(424)
                  004c sub_auths : 00000015 d3d05a5e 45a490ce ea0e6cf1 00000411


- Ranjit
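
The two sub_auths readings in the logs above can be reproduced from the captured bytes. This is an added example, not part of the original post and not Samba's code: it decodes the first SID in the dump under both byte orders. The struct, `rd32`, `parse_sid` and the `big_endian` switch are names assumed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_SUBAUTHS 15 /* a SID carries at most 15 sub-authorities */

/* Hypothetical struct for this example, named after the fields in the logs. */
struct sid {
    uint8_t  sid_rev_num, num_auths, id_auth[6];
    uint32_t sub_auths[MAX_SUBAUTHS];
};

/* Assemble a 32-bit value byte by byte so the result never depends on the
 * host CPU; big_endian selects which wire order to assume. */
static uint32_t rd32(const uint8_t *p, int big_endian)
{
    if (big_endian)
        return (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3];
    return (uint32_t)p[3] << 24 | (uint32_t)p[2] << 16 | (uint32_t)p[1] << 8 | p[0];
}

/* Returns the number of bytes consumed, or -1 if the buffer is too short
 * or num_auths exceeds the limit (the count is an untrusted wire field). */
int parse_sid(const uint8_t *buf, size_t len, int big_endian, struct sid *out)
{
    if (len < 8 || buf[1] > MAX_SUBAUTHS || len - 8 < 4u * buf[1])
        return -1;
    out->sid_rev_num = buf[0];
    out->num_auths = buf[1];
    for (int i = 0; i < 6; i++)
        out->id_auth[i] = buf[2 + i];
    for (int i = 0; i < out->num_auths; i++)
        out->sub_auths[i] = rd32(buf + 8 + 4 * i, big_endian);
    return 8 + 4 * out->num_auths;
}

/* Bytes 0x65..0x80 of the hex dump in the post (the first SID). */
const uint8_t sample_sid[28] = {
    0x01, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x15, 0x00, 0x00, 0x00,
    0x5E, 0x5A, 0xD0, 0xD3, 0xCE, 0x90, 0xA4, 0x45, 0xF1, 0x6C, 0x0E, 0xEA,
    0x11, 0x04, 0x00, 0x00 };

int main(void)
{
    struct sid s;
    for (int be = 0; be <= 1; be++) {
        if (parse_sid(sample_sid, sizeof sample_sid, be, &s) < 0) return 1;
        printf("%s:", be ? "big-endian   " : "little-endian");
        for (int i = 0; i < s.num_auths; i++) printf(" %08x", (unsigned)s.sub_auths[i]);
        printf("\n");
    }
    return 0;
}
```

The little-endian row matches the 2.0.7 log line and the big-endian row matches the 2.2 log line.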