machine password timeout - overflow issues

Shlomi Yaakobovich Shlomi at exanet.com
Tue Jun 6 08:51:10 GMT 2006 

Here's the patch anyway...


> diff -u old/auth_domain.c auth_domain.c
--- old/auth_domain.c   2006-06-06 11:49:42.000000000 +0300
+++ auth_domain.c       2006-06-06 11:06:07.000000000 +0300
@@ -289,7 +289,7 @@
        if (lp_machine_password_timeout()) {
                if (last_change_time > 0 &&
                    time(NULL) > (last_change_time +
-                                 lp_machine_password_timeout())) {
+                                 (time_t)lp_machine_password_timeout())) {
                        global_machine_password_needs_changing = True;
                }
        }
@@ -382,7 +382,7 @@

 #if 0
        /* Test if machine password is expired and need to be changed */
-       if (time(NULL) > last_change_time + lp_machine_password_timeout())
+       if (time(NULL) > last_change_time + (time_t)lp_machine_password_timeout())
        {
                global_machine_password_needs_changing = True;
        }


Shlomi
 

> -----Original Message-----
> From: 
> samba-technical-bounces+shlomi=exanet.com at lists.samba.org 
> [mailto:samba-technical-bounces+shlomi=exanet.com at lists.samba.
> org]On Behalf Of Shlomi Yaakobovich
> Sent: Monday, June 05, 2006 20:12
> To: samba-technical at samba.org
> Subject: machine password timeout - overflow issues
> 
> 
> Hi,
> 
> We've recently stumbled into an "interesting" behavior, we 
> call it a bug. Happens only in "security = domain" 
> environment due to obvious reasons (check the code). 
> 
> We use a very big number for the "machine password timeout" 
> parameter: 999999999. About 3 weeks ago (you can calculate 
> exactly, it was on May 13th, 2006), the sum of this number 
> and the current value returned by time(NULL) gave a value 
> bigger than the signed integer value. As a result, some of 
> the comparisons, done in order to check if it is required to 
> update the secrets.tdb file, gave the wrong result. Our 
> solution is based on the fact that the secrets.tdb is not 
> changed by samba, only by external operations (e.g. joining 
> the domain), and this began causing problems for us !
> 
> Finally we've discovered that this is due to this overflow. I 
> solved this simply by casting 
> (time_t)lp_machine_password_timeout(), in both occurrences in 
> auth/auth_domain.c. I would send a patch but this is so 
> trivial... Unfortunately I see none of the Globals struct is 
> defined as unsigned int, which would have been a better 
> solution, IMHO.
> 
> Maybe I will send a patch tomorrow, if there's interest (I'm 
> working on 3.0.20 anyway).
> 
> Shlomi
>

More information about the samba-technical mailing list