[Samba] pad length mismatch error message

Andrew Bartlett abartlet at samba.org
Wed Apr 22 20:03:37 UTC 2020 

On Wed, 2020-04-22 at 14:49 +0200, von Obernitz, Daniel via samba
wrote:
> Hi Louis,
> 
> it happens on the AC-DC nodes on Debian 10, running with BIND9_DLZ
> backend...

> > > -----Oorspronkelijk bericht-----
> > > Van: samba [mailto:samba-bounces at lists.samba.org] Namens von 
> > > Obernitz, Daniel via samba
> > > Verzonden: woensdag 22 april 2020 14:18
> > > Aan: samba at lists.samba.org
> > > Onderwerp: [Samba] pad length mismatch error message
> > > 
> > > Hi,
> > > 
> > > I found the following error message in the log.samba:
> > > 
> > > [2020/04/20 16:32:33.168921, 1] 
> > > ../../librpc/rpc/dcerpc_util.c:373(dcerpc_pull_auth_trailer)
> > > ../../librpc/rpc/dcerpc_util.c:373: ERROR: pad length 
> > > mismatch. Calculated 44 got 0
> > > 
> > > It happens on all nodes on different times, but unfortunately 
> > > I have no specific situation or action which causes this.

Thanks for reporting this. Firstly, don't worry about 'attr' packages
or how Bind9 or DNS is configured etc, this is an error in our core RPC
server, and not something that is able to be configured (neither at
build nor runtime).

A client, and we don't include enough information in the message as to
which, so you will need to turn up the log level, is sending an RPC
packet that we don't like the end of.  

In particular, we expected 44 bytes of authentication trailer (the
authentication data in RPC is not in a header, but a trailer at the end
of the packet), probably enough to contain the signature for the
packet, but the client sent nothing. 

We need to work out why that was, and if it matters.  

> > > We are currently using Samba version 4.12.1-SerNet-Debian-
> > > 5.buster.

Thanks.  This may have been caused by a recent rework of our RPC
server.  

> > > Do you have any idea what could cause this so I can try to 
> > > replicate it?
> > > 
> > > Best regards
> > > Daniel
> > > 

Once you work out what client is changing this, then send me a network
capture and matching Samba log (use "debug hires timestamp = Yes", "log
level = 4") and I'll add it to my backlog to look into.  If you are
able to trigger it on demand, and have time, please do confirm if this
is Samba 4.12 regression by trying Samba 4.11.

Thanks for reporting this and I hope we can figure it out together.

Andrew Bartlett

-- 
Andrew Bartlett                       https://samba.org/~abartlet/
Authentication Developer, Samba Team  https://samba.org
Samba Developer, Catalyst IT          
https://catalyst.net.nz/services/samba

More information about the samba mailing list