High load server getting NTLM messages mixed?
Andrew Bartlett
abartlet at samba.org
Mon Jul 2 22:42:39 GMT 2007
On Tue, 2007-06-26 at 16:53 -0700, Todd Stecher wrote:
> A client with extremely high load on their Samba server is
> intermittently hitting this code in smbd/sesssetup.c:
>
> if (!global_ntlmssp_state) {
> /* auth before negotiatiate? */
> return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
> }
>
>
> This is 3.0.11 - apparently he tried this on a later version with
> minimal problems (unfortunately, we have not as yet released a
> "newer" version of Samba on our product :( ) - does anyone know if
> this was an issue that was specifically fixed? I didn't see anything
> obvious in bugzilla.samba.org.
>
> There is a literal ton of NTLMSSP traffic against this server, and in
> many cases different auth contexts are interleaved in the wire - it
> seems that the errors I'm seeing in the sniff occur when these
> messages get intertwined.
>
> Given that, and the presence of a "global" static struct
> auth_ntlmssp_state *global_ntlmssp_state, I suspect this was fixed by
> revision 8472 2 years ago (dang - we are dangerously out of date here).
>
> http://viewcvs.samba.org/cgi-bin/viewcvs.cgi?rev=8472&view=rev
>
>
> Andrew / Jerry - Can you confirm? I could not find anything related
> to parallel NTLM processing in bugzilla...
That is certainly the initial work I did on the problem. However, there
may have been fixes (memory leaks in particular) after that, so don't
assume all is perfect if you just take that patch.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20070703/9477a32b/attachment.bin
More information about the samba-technical
mailing list