Samba4 beta 7 and beta 8 git, talloc and enctype errors
Andrew Bartlett
abartlet at samba.org
Wed Aug 29 00:23:41 MDT 2012
On Wed, 2012-08-29 at 08:05 +0200, steve wrote:
> Hi
>
> Single DC upgraded from a working beta 7 git to a beta 8 git crashes
> with a talloc error
>
> Error 1 talloc error
>
> #8 0xb7e676ce in _talloc_free (ptr=0xb7f73ff4,
> location=0xb7f70e9c "../auth/credentials/credentials_secrets.c:239")
> at ../lib/talloc/talloc.c:1349
> tc = 0x89318f8
> #9 0xb7f6d8c4 in cli_credentials_set_machine_account (cred=0x8244d50,
> lp_ctx=0x805bf78) at ../auth/credentials/credentials_secrets.c:239
> dbuf = {dptr = 0xb7f73ff4 "(\016\001", dsize = 3221220872}
> status = {v = 3221226021}
> filter = 0x7 <Address 0x7 out of bounds>
> error_string = 0xb7f6b5db
> <cli_credentials_invalidate_ccache+118>
> "\203\304\024[]\303U\211\345S\203\354$\350\023\277\377\377\201\303\a\212"
> domain = 0x867b408 "ALTEA"
> realm = 0x8e54380 "HH3.SITE"
> secrets_tdb_password_more_recent = 8
> secrets_tdb_lct = 0
> secrets_tdb_password = 0x0
> keystr = 0x0
> keystr_upper = 0x0
> secrets_tdb = 0x82e3d08 "/usr/local/samba/private/secrets.tdb"
> db_ctx = 0x87ba0d0
> __FUNCTION__ = "cli_credentials_set_machine_account"
The fix for this was verified by David Rivera <rivera.david87 at gmail.com>
earlier today an is in master already.
>
> Error 2, spn enctype and authentication error
> On a new install of beta 7 updated to a beta 8 git
>
> Error a: Creating an spn for nfs creates only one key:
>
> hh30:/home/steve # samba-tool spn delete nfs/hh30.hh3.site
> hh30:/home/steve # rm /etc/krb5.keytab
> hh30:/home/steve # samba-tool spn add nfs/hh30.hh3.site nfs-user
> hh30:/home/steve # samba-tool domain exportkeytab /etc/krb5.keytab
> --principal=nfs/hh30.hh3.site
> hh30:/home/steve # klist -ke /etc/krb5.keytab
> Keytab name: FILE:/etc/krb5.keytab
> KVNO Principal
> ----
> --------------------------------------------------------------------------
> 1 nfs/hh30.hh3.site at HH3.SITE (des-cbc-crc)
>
> Previous versions created the arcfour key as well as the other des key.
I do apologise, I seem to have had a particularly bad run of code yesterday. The attached patch should fix it, and is in autobuild.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s4-libnet-Fix-passing-samba_all_enctypes-as-a-fn-rat.patch
Type: text/x-patch
Size: 1116 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120829/f10a6ec2/attachment.bin>
More information about the samba-technical
mailing list