[PATCH] libads: abstract out SASL wrapping code
Andreas Schneider
asn at samba.org
Tue May 16 06:15:38 UTC 2017
On Monday, 15 May 2017 20:47:13 CEST Alexander Bokovoy via samba-technical
wrote:
> On ti, 16 touko 2017, Andrew Bartlett wrote:
> > On Mon, 2017-05-15 at 17:28 +0300, Alexander Bokovoy via samba-
> >
> > technical wrote:
> > > > Notice NT_STATUS_CONNECTION_DISCONNECT message garbled?
> > > >
> > > > I'm still trying to understand what broke -- on client side we seem
> > > > never get back (my debug statements never get printed) after
> > > > successful
> > > > SASL GSS-SPNEGO bind.
> > >
> > > Attached patch passes samba.tests.pam_winbind test.
> >
> > Thanks for all your hard work on this. What was the problem in the
> > LDAP server in the end?
>
> I haven't found that yet as I fixed one wrong pointer pass in my code
> and went away with that. However, if you look at the output in my
> previous email, it looks like the error string is garbled at the end, so
> there is something off-by-one somewhere.
>
> I also get crash in GUID_buf_string() because I run 'make test' with
> high enough log level and source3/locking/share_mode_lock.c:846 causes
> an NDR print out of a share mode lock entry for log level 11 or above.
> As result, there seem to be a garbled GUID.
>
> The test is samba3.smbtorture_s3.crypt_client(nt4_dc).TORTURE(nt4_dc).
>
>
> #5 0x00007fb4ab130aa1 in sig_fault (sig=11) at ../lib/util/fault.c:94
> No locals.
> #6 <signal handler called>
> No symbol table info available.
> #7 0x00007fb4a3b5e174 in GUID_buf_string (guid=0x55d21b7dd178,
> dst=0x7ffcd1993960) at ../librpc/ndr/uuid.c:335 No locals.
> #8 0x00007fb4a3b5e122 in GUID_string (mem_ctx=0x559a1b884160,
> guid=0x55d21b7dd178) at ../librpc/ndr/uuid.c:314 buf = {buf =
> "`\324m\247\264\177\000\000`W\210\033\232U\000\000ma touko 15 20.59.13 20"}
> #9 0x00007fb4a3b623ef in ndr_print_GUID (ndr=0x559a1b884160,
> name=0x7fb4aa0e80b4 "client_guid", guid=0x55d21b7dd178) at
> ../librpc/ndr/ndr_misc.c:29 No locals.
> #10 0x00007fb4aa09272f in ndr_print_share_mode_lease (ndr=0x559a1b884160,
> name=0x7fb4aa0e82fb "lease", r=0x55d21b7dd178) at
> default/source3/librpc/gen_ndr/ndr_open_files.c:69 _flags_save_STRUCT = 0
> #11 0x00007fb4aa09331c in ndr_print_share_mode_entry (ndr=0x559a1b884160,
> name=0x7fb4aa0e8c56 "share_modes", r=0x559a1b830270) at
> default/source3/librpc/gen_ndr/ndr_open_files.c:176 No locals.
> #12 0x00007fb4aa0960dd in ndr_print_share_mode_data (ndr=0x559a1b884160,
> name=0x7fb4aaea411d "d", r=0x559a1b858e60) at
> default/source3/librpc/gen_ndr/ndr_open_files.c:527 cntr_share_modes_0 = 0
> cntr_leases_0 = 0
> cntr_delete_tokens_0 = 0
> #13 0x00007fb4a3b5f2fe in ndr_print_debug (fn=0x7fb4aa095eb4
> <ndr_print_share_mode_data>, name=0x7fb4aaea411d "d", ptr=0x559a1b858e60)
> at ../librpc/ndr/ndr.c:420 ndr = 0x559a1b884160
> __FUNCTION__ = "ndr_print_debug"
> #14 0x00007fb4aad8c995 in share_mode_traverse_fn (rec=0x7ffcd1993ba0,
> _state=0x7ffcd1993ec0) at ../source3/locking/share_mode_lock.c:846 state =
> 0x7ffcd1993ec0
> i = 1
> key = {dptr = 0x559a1b865ff0 <incomplete sequence \375>, dsize = 24}
> value = {dptr = 0x559a1b86600c "\324\f)M\244\333o\301", dsize = 348} blob =
> {data = 0x559a1b86600c "\324\f)M\244\333o\301", length = 348} ndr_err =
> NDR_ERR_SUCCESS
> d = 0x559a1b858e60
> fid = {devid = 64770, inode = 11919960, extid = 0}
> ret = 32764
> __FUNCTION__ = "share_mode_traverse_fn"
> #15 0x00007fb4a8eb232e in dbwrap_watched_traverse_fn (rec=0x7ffcd1993c30,
> private_data=0x7ffcd1993e40) at ../source3/lib/dbwrap/dbwrap_watch.c:438
> state = 0x7ffcd1993e40
> num_watchers = 0
> prec = {db = 0x559a1b83c030, key = {dptr = 0x559a1b865ff0
> <incomplete sequence \375>, dsize = 24}, value = {dptr = 0x559a1b86600c
> "\324\f)M\244\333o\301", dsize = 348}, store = 0x7fb4a4727d4b
> <db_tdb_store_deny>, delete_rec = 0x7fb4a4727d6e <db_tdb_delete_deny>,
> private_data = 0x559a1b83c140} deleted = false
> #16 0x00007fb4a4727e26 in db_tdb_traverse_read_func (tdb=0x559a1b83c3f0,
> kbuf=..., dbuf=..., private_data=0x7ffcd1993da0) at
> ../lib/dbwrap/dbwrap_tdb.c:331 ctx = 0x7ffcd1993da0
> rec = {db = 0x559a1b83c030, key = {dptr = 0x559a1b865ff0 <incomplete
> sequence \375>, dsize = 24}, value = {dptr = 0x559a1b866008 "", dsize =
> 352}, store = 0x7fb4a4727d4b <db_tdb_store_deny>, delete_rec =
> 0x7fb4a4727d6e <db_tdb_delete_deny>, private_data = 0x559a1b83c140} #17
> 0x00007fb4a4fd3642 in tdb_traverse_internal (tdb=0x559a1b83c3f0,
> fn=0x7fb4a4727d7d <db_tdb_traverse_read_func>, private_data=0x7ffcd1993da0,
> tl=0x7ffcd1993d40) at ../lib/tdb/common/traverse.c:225 full_len = 376
> nread = 0
> key = {dptr = 0x559a1b865ff0 <incomplete sequence \375>, dsize = 24}
> dbuf = {dptr = 0x559a1b866008 "", dsize = 352}
> rec = {next = 0, rec_len = 476, key_len = 24, data_len = 352,
> full_hash = 73095361, magic = 637606297} ret = 0
> count = 1
> off = 89548
> recbuf_len = 4096
> #18 0x00007fb4a4fd3779 in tdb_traverse_read (tdb=0x559a1b83c3f0,
> fn=0x7fb4a4727d7d <db_tdb_traverse_read_func>, private_data=0x7ffcd1993da0)
> at ../lib/tdb/common/traverse.c:263 tl = {next = 0x0, off = 89548, hash =
> 4233, lock_rw = 0}
> ret = 32692
> #19 0x00007fb4a4727e96 in db_tdb_traverse_read (db=0x559a1b83c030,
> f=0x7fb4a8eb226b <dbwrap_watched_traverse_fn>, private_data=0x7ffcd1993e40)
> at ../lib/dbwrap/dbwrap_tdb.c:345 db_ctx = 0x559a1b83c140
> ctx = {db = 0x559a1b83c030, f = 0x7fb4a8eb226b
> <dbwrap_watched_traverse_fn>, private_data = 0x7ffcd1993e40} #20
> 0x00007fb4a47238d4 in dbwrap_traverse_read (db=0x559a1b83c030,
> f=0x7fb4a8eb226b <dbwrap_watched_traverse_fn>, private_data=0x7ffcd1993e40,
> count=0x7ffcd1993e34) at ../lib/dbwrap/dbwrap.c:343 ret = 32764
> #21 0x00007fb4a8eb241d in dbwrap_watched_traverse_read (db=0x559a1b83c530,
> fn=0x7fb4aad8c76d <share_mode_traverse_fn>, private_data=0x7ffcd1993ec0) at
> ../source3/lib/dbwrap/dbwrap_watch.c:473 ctx = 0x559a1b83b560
> state = {fn = 0x7fb4aad8c76d <share_mode_traverse_fn>, private_data
> = 0x7ffcd1993ec0} status = {v = 0}
> ret = 0
> #22 0x00007fb4a47238d4 in dbwrap_traverse_read (db=0x559a1b83c530,
> f=0x7fb4aad8c76d <share_mode_traverse_fn>, private_data=0x7ffcd1993ec0,
> count=0x7ffcd1993ebc) at ../lib/dbwrap/dbwrap.c:343 ret = 32764
> #23 0x00007fb4aad8ca3c in share_mode_forall (fn=0x7fb4aac6f4f8
> <files_below_forall_fn>, private_data=0x7ffcd1993f10) at
> ../source3/locking/share_mode_lock.c:871 state = {fn = 0x7fb4aac6f4f8
> <files_below_forall_fn>, private_data = 0x7ffcd1993f10} status = {v = 6}
> count = 0
> #24 0x00007fb4aac6f732 in files_below_forall (conn=0x559a1b7e4e20,
> dir_name=0x559a1b865340, fn=0x7fb4aac6f781 <have_file_open_below_fn>,
> private_data=0x7ffcd1994f6b) at ../source3/smbd/dir.c:2076 state = {dirpath
> = 0x7ffcd1993f30 "/home/abokovoy/src/samba/st/nt4_dc/share/trans2",
> dirpath_len = 47, fn = 0x7fb4aac6f781 <have_file_open_below_fn>,
> private_data = 0x7ffcd1994f6b} ret = 0
> tmpbuf =
> "/home/abokovoy/src/samba/st/nt4_dc/share/trans2\000\b@\231\321\374\177\000
> \000\n\000\000\000\264\177\000\000\060@\231\321\374\177\000\000^[9\247\264\1
> 77\000\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000\000\000cD
> \231\321\374\177\000\000\060E\231\321\374\177\000\000
> E\231\321\374\177\000\000H\335ɏ\264\177\000\000\230F\231\321\374\177\000\00
> 0\000\000\000\000\000\000\000\000i\335ɏ\264\177\000\000\221a6\247\264\177\00
> 0\000\200@\231\321\374\177\000\000\000\000\000\000\000\000\000\000\210@\231\
> 321\374\177\000\000^[9\247\264\177\000\000\260@\231\321\374\177\000\000\001"
> , '\000' <repeats 15 times>... to_free = 0x0
That might be the bug of the faililng test we are seeing from time to time!!
If you have crippled string it could also mean that it is hanging on the wrong
talloc context and the context has already been freed!
Andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
More information about the samba-technical
mailing list