Bug 15793 - smbpasswd fails in AIX
Summary: smbpasswd fails in AIX
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: DCE-RPCs and pipes (show other bugs)
Version: 4.21.2
Hardware: PPC AIX
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2025-01-30 09:33 UTC by Ayappan
Modified: 2025-02-07 08:02 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ayappan 2025-01-30 09:33:21 UTC
In AIX with Samba 4.21.2, smbpasswd fails to change the user password. Below is the error., 

$ whoami
test123
$ smbpasswd 
.....
.......
dcerpc_pull_auth_trailer: auth_pad_length 12
GENSEC auth
ntlmssp_unseal_packet: seal
ntlmssp_check_packet: NTLMSSP signature OK !
Got pdu len 64, data_len 4
rpc_api_pipe_got_pdu: got frag len of 64 at offset 0: NT_STATUS_OK
rpc_api_pipe: host 127.0.0.1 returned 4 bytes.
     samr_ChangePasswordUser4: struct samr_ChangePasswordUser4
        out: struct samr_ChangePasswordUser4
            result                   : NT_STATUS_WRONG_PASSWORD
signed SMB2 message (sign_algo_id=2)
signed SMB2 message (sign_algo_id=2)
machine 127.0.0.1 rejected to change the passwordwith error: When trying to update a password, this return status indicates that the value provided as the current password is not correct.Freeing parametrics:


Debugging further reveals that it actually fails in samba_gnutls_aead_aes_256_cbc_hmac_sha512_decrypt

       gnutls_hmac_deinit(hmac_hnd, auth_data);

        equal = mem_equal_const_time(auth_data, auth_tag, sizeof(auth_data));
        if (!equal) {
                return NT_STATUS_DECRYPTION_FAILED;             ---> here
        }

Any ideas ?
Comment 1 Ayappan 2025-02-07 08:02:26 UTC
Any idea what could be wrong here ?