[OpenAFS-devel] OpenAFS and Samba

jacobi@de.ibm.com jacobi@de.ibm.com
Mon, 5 Mar 2001 17:04:16 +0100 

Did anybody succeed getting an AFS token using a samba server with Linux
(and not AIX).
I don't know why, but "ka_UserAuthenticateGeneral" just returns with bad
password, regardless
if called using PAM or directly.
I checked the call down the stack till "rxi_ReadProc". Both, a little
program that just contains one
call to ka_UserAuthenticateGeneral and the smb daemon, pass the same data
to this method.
At the end my little program gets the token (at least
ka_UserAuthenticateGeneral returns "0") and
the smb daemon doesn't (return code 180490 -> bad password).

The node where the two programs behave differently seems to be in
"KAT_GetTicket" (by the way it
was not easy to trace through this function ... generated C source, phew).

...
/* Un-marshal the reply arguments */     <- whatever this means
z_xdrs.x_op = XDR_DECODE;
if (!xdr_ka_BBS(&x_zdrs, oanswer))
...

this call fails (the XDR_ENCODE part of that function seems to work).
In xdr_ka_BBS

...
if ((x->x_op) == XDR_DECODE)
{
     if (!xdr_afs_int32(x, &maxLen))
...

This call fails here! The users are for my program as for the smbd
identical, the passwords are
the same, and though it is not the same that happens 8-(
Here is an excempt from my debug-log (openafs usually does not write these
messages, I
did some local modifications):

Mar  5 16:05:40 linux9w libafs: rxi_ReadProc: rxi_FlushWrite() returned,
call->error = 0!
Mar  5 16:05:41 linux9w last message repeated 3 times
Mar  5 16:05:41 linux9w libafs: rxi_ReadProc, 238: Returned with
call->error 180490!
Mar  5 16:05:41 linux9w libafs: xdrrx_getint32: rx_Read32() returned size
of 0 instead of 4!
Mar  5 16:05:41 linux9w libafs: xdr_ka_BBS: "xdr_afs_int32" with argument
"maxLen" failed!
Mar  5 16:05:41 linux9w libafs: KAT_GetTicket: "xdr_ka_BBS" with argument
"oanswer" failed, x_op was "XDR_DECODE"!

Is "ka_UserAuthenticateGeneral" sensitive to some timing or signal
conditions?
And then there are so many mutex'es that are used in these methods. Is
there an easy way to
debug those functions, is there a special "DEBUG" flag one can turn on?
Or is there something I am missing out and the reception of a token depends
on more than
just the arguments passed to ka_UserAuthenticateGeneral?

Any help is welcome ...

Carsten Jacobi