[PATCH] libads: abstract out SASL wrapping code

Tue May 16 18:53:57 UTC 2017

On Tue, May 16, 2017 at 10:00:24AM +0200, Andreas Schneider wrote:
> On Tuesday, 16 May 2017 09:56:08 CEST Andreas Schneider via samba-technical 
> wrote:
> > On Monday, 15 May 2017 20:47:13 CEST Alexander Bokovoy via samba-technical
> > 
> > wrote:
> > > On ti, 16 touko 2017, Andrew Bartlett wrote:
> > > > On Mon, 2017-05-15 at 17:28 +0300, Alexander Bokovoy via samba-
> > > > 
> > > > technical wrote:
> > > > > > Notice NT_STATUS_CONNECTION_DISCONNECT message garbled?
> > > > > > 
> > > > > > I'm still trying to understand what broke -- on client side we seem
> > > > > > never get back (my debug statements never get printed) after
> > > > > > successful
> > > > > > SASL GSS-SPNEGO bind.
> > > > > 
> > > > > Attached patch passes samba.tests.pam_winbind test.
> > > > 
> > > > Thanks for all your hard work on this.  What was the problem in the
> > > > LDAP server in the end?
> > > 
> > > I haven't found that yet as I fixed one wrong pointer pass in my code
> > > and went away with that. However, if you look at the output in my
> > > previous email, it looks like the error string is garbled at the end, so
> > > there is something off-by-one somewhere.
> > > 
> > > I also get crash in GUID_buf_string() because I run 'make test' with
> > > high enough log level and source3/locking/share_mode_lock.c:846 causes
> > > an NDR print out of a share mode lock entry for log level 11 or above.
> > > As result, there seem to be a garbled GUID.
> > > 
> > > The test is samba3.smbtorture_s3.crypt_client(nt4_dc).TORTURE(nt4_dc).
> > > 
> > > 
> > > #5  0x00007fb4ab130aa1 in sig_fault (sig=11) at ../lib/util/fault.c:94
> > > No locals.
> > > #6  <signal handler called>
> > > No symbol table info available.
> > > #7  0x00007fb4a3b5e174 in GUID_buf_string (guid=0x55d21b7dd178,
> > > dst=0x7ffcd1993960) at ../librpc/ndr/uuid.c:335 No locals.
> > > #8  0x00007fb4a3b5e122 in GUID_string (mem_ctx=0x559a1b884160,
> > > guid=0x55d21b7dd178) at ../librpc/ndr/uuid.c:314 buf = {buf =
> > > "`\324m\247\264\177\000\000`W\210\033\232U\000\000ma touko 15 20.59.13
> > > 20"}
> > > #9  0x00007fb4a3b623ef in ndr_print_GUID (ndr=0x559a1b884160,
> > > name=0x7fb4aa0e80b4 "client_guid", guid=0x55d21b7dd178) at
> > > ../librpc/ndr/ndr_misc.c:29 No locals.
> > > #10 0x00007fb4aa09272f in ndr_print_share_mode_lease (ndr=0x559a1b884160,
> > > name=0x7fb4aa0e82fb "lease", r=0x55d21b7dd178) at
> > > default/source3/librpc/gen_ndr/ndr_open_files.c:69 _flags_save_STRUCT = 0
> > > #11 0x00007fb4aa09331c in ndr_print_share_mode_entry (ndr=0x559a1b884160,
> > > name=0x7fb4aa0e8c56 "share_modes", r=0x559a1b830270) at
> > > default/source3/librpc/gen_ndr/ndr_open_files.c:176 No locals.
> > > #12 0x00007fb4aa0960dd in ndr_print_share_mode_data (ndr=0x559a1b884160,
> > > name=0x7fb4aaea411d "d", r=0x559a1b858e60) at
> > > default/source3/librpc/gen_ndr/ndr_open_files.c:527 cntr_share_modes_0 = 0
> > > 
> > >         cntr_leases_0 = 0
> > >         cntr_delete_tokens_0 = 0
> > > 
> > > #13 0x00007fb4a3b5f2fe in ndr_print_debug (fn=0x7fb4aa095eb4
> > > <ndr_print_share_mode_data>, name=0x7fb4aaea411d "d", ptr=0x559a1b858e60)
> > > at ../librpc/ndr/ndr.c:420 ndr = 0x559a1b884160
> > > 
> > >         __FUNCTION__ = "ndr_print_debug"
> > > 
> > > #14 0x00007fb4aad8c995 in share_mode_traverse_fn (rec=0x7ffcd1993ba0,
> > > _state=0x7ffcd1993ec0) at ../source3/locking/share_mode_lock.c:846 state =
> > > 0x7ffcd1993ec0
> > > 
> > >         i = 1
> > >         key = {dptr = 0x559a1b865ff0 <incomplete sequence \375>, dsize =
> > >         24}
> > > 
> > > value = {dptr = 0x559a1b86600c "\324\f)M\244\333o\301", dsize = 348} blob
> > > =
> > > {data = 0x559a1b86600c "\324\f)M\244\333o\301", length = 348} ndr_err =
> > > NDR_ERR_SUCCESS
> > > 
> > >         d = 0x559a1b858e60
> > >         fid = {devid = 64770, inode = 11919960, extid = 0}
> > >         ret = 32764
> > >         __FUNCTION__ = "share_mode_traverse_fn"
> > 
> > We traverse the database here and we do have a lease without a client_guid.
> > I do not find the place where this database entry is written. So we need to
> > find the place which doesn't add the client_guid.
> 
> 
> Reproducer:
> 
> make -j test TESTS="samba3.smbtorture_s3.crypt_client" SMBD_OPTIONS=-d11 
> WINBINDD_OPTIONS=-d11

Thanks Andreas, I'll take a look !