Samba-JP TAKAHASHI Motonobu
2000-Jun-17 10:25 UTC
[BUG] delete user script cannot work because...
Hi!
I found a bug around delete user script parameter.
At least in Samba 2.0.7 "delete user script" cannot work.
The 1475th line of source/smbd/password.c has a bug corrected by this
patch below.
*** password.c.org Sat Jun 17 18:53:11 2000
--- password.c Sat Jun 17 18:53:27 2000
***************
*** 1472,1478 ****
cli_ulogoff(&cli);
cli_shutdown(&cli);
! if((nt_rpc_err == NT_STATUS_NO_SUCH_USER) && (user_exists !=
NULL))
*user_exists = False;
return False;
--- 1472,1478 ----
cli_ulogoff(&cli);
cli_shutdown(&cli);
! if(((nt_rpc_err & 0xFFFF) == NT_STATUS_NO_SUCH_USER) &&
(user_exists != NULL))
*user_exists = False;
return False;
Although this patch fixes the bug, I think it may not be the better
way to fix.
The reason is explained below:
The value of nt_rpc_err comes from the 4th parameter of cli_error() at
the 1468th of in the password.c. And looking around the cli_error.c:
% grep cli_error */*.c
libsmb/clientgen.c: cli_error(cli, &errclass, &errnum,
&nt_rpc_error);
libsmb/clientgen.c: if (cli_error(cli, &eclass, &ecode, NULL))
libsmb/clientgen.c: if (cli_error(cli, &eclass, &ecode,
NULL))
libsmb/clientgen.c: cli_error(cli, &eclass, &ecode,
NULL);
libsmb/clientgen.c: cli_error(cli, &eclass, &ecode,
NULL);
libsmb/clientgen.c:int cli_error(struct cli_state *cli, uint8 *eclass, uint32
*num, uint32 *nt_rpc_error)
libsmb/clientgen.c: DEBUG(10,("cli_error: 32 bit codes:
code=%08x\n", nt_err));
libsmb/clientgen.c: if (cli_error(cli, NULL, NULL, NULL)) return False;
libsmb/clientgen.c: if (cli_error(cli, NULL, NULL, NULL)) return False;
libsmb/clientgen.c: if (cli_error(cli, NULL, NULL, NULL)) return False;
libsmb/clientgen.c: if (cli_error(cli, NULL, NULL, NULL)) return False;
rpc_client/cli_pipe.c: if (cli_error(cli, NULL, &err, NULL)) {
rpc_client/cli_pipe.c: if (cli_error(cli, NULL, &err, NULL)) {
rpc_client/ntclienttrust.c: cli_error(&cli_trust, &err_cls,
&err_num, NULL);
rpc_client/ntclienttrust.c: cli_error(&cli_trust, &err_cls,
&err_num, NULL);
smbd/password.c: cli_error(&cli, NULL, NULL, &nt_rpc_err);
smbwrapper/smbw.c: ret = cli_error(c, &eclass, &ecode, NULL);
utils/torture.c: (void)cli_error(c, &class, &num, NULL);
The 4th parameter of cli_error() is used only twice, the 1475th in the
smbd/password.c and the 214th line in cli_errstr() in
libsmb/clientgen.c.
cli_errstr() uses the 4th parameter of cli_error() as the parameter
put into get_nt_error_msg() and at the 530th line in
get_nt_error_msg() in source/libsmb/nterrr.c this value is again ANDed
with 0xFFFF.
As I explained, the 4th parameter of cli_error() is used only twice
and always ANDed with 0xFFFF.
Thus it seems that to change the type of 4th parameter of cli_error()
from uint32 to uint16 is also considerable way to fix.
-----
Motonobu TAKAHASHI mailto:monyo@samba.gr.jp
Samba Users Group Japan http://www.samba.gr.jp/