Peter Eriksson
2018-Dec-27 21:26 UTC
[Samba] FreeBSD, Libmd5, samba 4.9.4 & "smbclient -L" (using password) -> core dump
I just noticed that smbclient from Samba 4.9.4 /built by myself) on FreeBSD 11.2 coredumps when called like this: smbclient -L <hostname>> % /liu/pkg/samba/4.9.4-liu/bin/smbclient -L filur00 > Enter username at AD.LIU.SE's password: > Abort (core dumped)… if it is linked against /usr/local/lib/libmd5.so (which is part of “libwww”). If I remove libmd5.so and recompile things work as it should…> % /liu/pkg/samba/4.9.4-test/bin/smbclient -L filur00 > Enter username at AD.LIU.SE's password: > Anonymous login successful > > Sharename Type Comment > --------- ---- ------- > DATA4 Disk foo > IPC$ IPC IPC Service (Filur00 File Server) > Reconnecting with SMB1 for workgroup listing. > smbXcli_negprot_smb1_done: No compatible protocol selected by server. > protocol negotiation failed: NT_STATUS_INVALID_NETWORK_RESPONSE > Failed to connect with SMB1 -- no workgroup availableIs this a known issue, and/or is there some easy way to disable the “libmd5.so” detection code in the configure step? (Other than not having libwww installed that is :-).> # pkg info libwww > libwww-5.4.2 > Name : libwww > Version : 5.4.2 > Installed on : Sun Dec 16 23:53:05 2018 CET > Origin : www/libwww > Architecture : FreeBSD:11:amd64 > Prefix : /usr/local > Categories : devel www > Licenses : W3C > Maintainer : dbaio at FreeBSD.org > WWW : http://www.w3.org/Library/ > Comment : W3C Reference Library > Shared Libs required: > libexpat.so.1 > Shared Libs provided: > libwwwapp.so.0 > libpics.so.0 > libwwwmime.so.0 > libwwwnews.so.0 > libwwwxml.so.0 > libwwwinit.so.0 > libwwwutils.so.0 > libwwwmux.so.0 > libwwwhtml.so.0 > libwwwgopher.so.0 > libwwwdir.so.0 > libwwwssl.so.0 > libwwwhttp.so.0 > libmd5.so.0 > libwwwtrans.so.0 > libwwwtelnet.so.0 > libwwwstream.so.0 > libwwwcore.so.0 > libwwwftp.so.0 > libwwwzip.so.0 > libwwwfile.so.0 > libwwwcache.so.0 > Annotations : > FreeBSD_version: 1102000 > repo_type : binary > repository : FreeBSDGDB backtrace: (gdb) bt #0 0x000000080495898a in kill () from /lib/libc.so.7 #1 0x0000000804958940 in ?? () from /lib/libc.so.7 #2 0x00000008049588b0 in __stack_chk_fail () from /lib/libc.so.7 #3 0x000000080314572b in hmac_md5_final (digest=digest at entry=0x7fffffffd320 "\a\203f\243y6f\331\063$\027\004 at CD\252\005\226\263\003\b", ctx=0x7fffffffd190, ctx at entry=0x0) at ../lib/crypto/hmacmd5.c:101 #4 0x00000008092a01a0 in ntv2_owf_gen (owf=owf at entry=0x811a49430 "\347\305\335 ", <incomplete sequence \350\356>, user_in=<optimized out>, domain_in=<optimized out>, kr_buf=kr_buf at entry=0x7fffffffd320 "\a\203f\243y6f\331\063$\027\004 at CD\252\005\226\263\003\b") at ../libcli/auth/smbencrypt.c:241 #5 0x00000008092a0807 in SMBNTLMv2encrypt_hash (mem_ctx=mem_ctx at entry=0x811a1d780, user=<optimized out>, domain=<optimized out>, nt_hash=nt_hash at entry=0x811a49430 "\347\305\335 ", <incomplete sequence \350\356>, server_chal=server_chal at entry=0x7fffffffd3f0, server_timestamp=server_timestamp at entry=0x811a85a08, names_blob=0x7fffffffd530, lm_response=0x7fffffffd410, nt_response=0x7fffffffd420, lm_session_key=0x0, user_session_key=0x7fffffffd440) at ../libcli/auth/smbencrypt.c:493 #6 0x0000000803b34e4b in cli_credentials_get_ntlm_response (cred=0x811a8b060, mem_ctx=mem_ctx at entry=0x811a850b0, flags=flags at entry=0x7fffffffd604, challenge=..., server_timestamp=0x811a85a08, target_info=..., _lm_response=0x7fffffffd660, _nt_response=0x7fffffffd670, _lm_session_key=0x7fffffffd690, _session_key=0x7fffffffd680) at ../auth/credentials/credentials_ntlm.c:135 #7 0x0000000808866cd7 in ntlmssp_client_challenge (gensec_security=0x811a57f60, out_mem_ctx=0x811a85030, in=..., out=0x811a85040) at ../auth/ntlmssp/ntlmssp_client.c:630 #8 0x0000000808864e8b in gensec_ntlmssp_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=0x811a57f60, in=...) at ../auth/ntlmssp/ntlmssp.c:210 #9 0x000000080886f9b8 in gensec_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=0x811a57f60, in=...) at ../auth/gensec/gensec.c:433 #10 0x0000000808862848 in gensec_spnego_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=<optimized out>, in=...) at ../auth/gensec/spnego.c:1722 #11 0x000000080886f9b8 in gensec_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=0x811a57360, in=...) at ../auth/gensec/gensec.c:433 #12 0x0000000801d648c5 in cli_session_setup_gensec_local_next (req=0x811a84780) at ../source3/libsmb/cliconnect.c:1008 #13 0x0000000801d64a79 in cli_session_setup_gensec_remote_done (subreq=<optimized out>) at ../source3/libsmb/cliconnect.c:1131 #14 0x0000000801d6394f in cli_sesssetup_blob_done (subreq=<optimized out>) at ../source3/libsmb/cliconnect.c:845 #15 0x0000000801b34fc9 in smb2cli_session_setup_done (subreq=<optimized out>) at ../libcli/smb/smb2cli_session.c:213 #16 0x0000000808649f37 in tevent_common_invoke_immediate_handler () from /usr/local/lib/libtevent.so.0 #17 0x0000000808649f94 in tevent_common_loop_immediate () from /usr/local/lib/libtevent.so.0 #18 0x000000080864c17c in ?? () from /usr/local/lib/libtevent.so.0 #19 0x0000000808648e4e in _tevent_loop_once () from /usr/local/lib/libtevent.so.0 #20 0x000000080864ac0b in tevent_req_poll () from /usr/local/lib/libtevent.so.0 #21 0x00000008052349de in tevent_req_poll_ntstatus (req=req at entry=0x811a84080, ev=ev at entry=0x811a582e0, status=status at entry=0x7fffffffdbf4) at ../lib/util/tevent_ntstatus.c:109 #22 0x0000000801d66efd in cli_session_setup_creds (cli=<optimized out>, creds=creds at entry=0x811a8b060) at ../source3/libsmb/cliconnect.c:1795 #23 0x0000000801d82728 in do_connect (ctx=ctx at entry=0x811a1d1e0, server=<optimized out>, server at entry=0x811a46250 "filur00", share=<optimized out>, auth_info=auth_info at entry=0x811a3e200, force_encrypt=force_encrypt at entry=false, max_protocol=max_protocol at entry=13, port=0, name_type=32, pcli=0x7fffffffdcf0) at ../source3/libsmb/clidfs.c:232 #24 0x0000000801d82b35 in cli_cm_connect (ctx=ctx at entry=0x811a1d1e0, referring_cli=referring_cli at entry=0x0, server=server at entry=0x811a46250 "filur00", share=<optimized out>, auth_info=auth_info at entry=0x811a3e200, force_encrypt=force_encrypt at entry=false, max_protocol=13, port=0, name_type=32, 0) at ../source3/libsmb/clidfs.c:335 #25 0x0000000801d82cbf in cli_cm_open (ctx=0x811a1d1e0, referring_cli=0x0, server=0x811a46250 "filur00", share=<optimized out>, auth_info=0x811a3e200, force_encrypt=<optimized out>, max_protocol=13, port=0, n ame_type=32, pcli=0x12473a0 <cli>) at ../source3/libsmb/clidfs.c:437 #26 0x000000000102a9c0 in do_host_query (query_host=0x811a46250 "filur00") at ../source3/client/client.c:6574 #27 main (argc=<optimized out>, argv=<optimized out>) at ../source3/client/client.c:6574 - Peter
Peter Eriksson
2018-Dec-27 22:42 UTC
[Samba] FreeBSD, Libmd5, samba 4.9.4 & "smbclient -L" (using password) -> core dump
Replying to myself… Sorry. :-) Why is it that you always find the stuff you where looking for - just always right after you’ve sent your email? :) It seems that the lib/crypto/wscript_configure script logic to finding out where (and if) the MD5 stuff lives does it by checking for the “md5.h” header file (that FreeBSD has in /usr/include) and then it tries to detect in what library the functions live by trying to link a call to “MD5Init()” and it first tries “-lmd5” and only if that one fails it tries “-lmd” (which is there the system-provided MD5-functions for FreeBSD lives). And thus if you have the “libwww” (W3C stuff) package installed you get a /usr/local/lib/libmd5.so file that isn’t compatible (or buggy) that Samba finds and uses… Ah the wonders of auto-detection hell :-) - Peter> On 27 Dec 2018, at 22:26, Peter Eriksson via samba <samba at lists.samba.org> wrote: > > I just noticed that smbclient from Samba 4.9.4 /built by myself) on FreeBSD 11.2 coredumps when called like this: > > smbclient -L <hostname> > >> % /liu/pkg/samba/4.9.4-liu/bin/smbclient -L filur00 >> Enter username at AD.LIU.SE's password: >> Abort (core dumped) > > … if it is linked against /usr/local/lib/libmd5.so (which is part of “libwww”). If I remove libmd5.so and recompile things work as it should… > >> % /liu/pkg/samba/4.9.4-test/bin/smbclient -L filur00 >> Enter username at AD.LIU.SE's password: >> Anonymous login successful >> >> Sharename Type Comment >> --------- ---- ------- >> DATA4 Disk foo >> IPC$ IPC IPC Service (Filur00 File Server) >> Reconnecting with SMB1 for workgroup listing. >> smbXcli_negprot_smb1_done: No compatible protocol selected by server. >> protocol negotiation failed: NT_STATUS_INVALID_NETWORK_RESPONSE >> Failed to connect with SMB1 -- no workgroup available > > Is this a known issue, and/or is there some easy way to disable the “libmd5.so” detection code in the configure step? (Other than not having libwww installed that is :-). > >> # pkg info libwww >> libwww-5.4.2 >> Name : libwww >> Version : 5.4.2 >> Installed on : Sun Dec 16 23:53:05 2018 CET >> Origin : www/libwww >> Architecture : FreeBSD:11:amd64 >> Prefix : /usr/local >> Categories : devel www >> Licenses : W3C >> Maintainer : dbaio at FreeBSD.org >> WWW : http://www.w3.org/Library/ >> Comment : W3C Reference Library >> Shared Libs required: >> libexpat.so.1 >> Shared Libs provided: >> libwwwapp.so.0 >> libpics.so.0 >> libwwwmime.so.0 >> libwwwnews.so.0 >> libwwwxml.so.0 >> libwwwinit.so.0 >> libwwwutils.so.0 >> libwwwmux.so.0 >> libwwwhtml.so.0 >> libwwwgopher.so.0 >> libwwwdir.so.0 >> libwwwssl.so.0 >> libwwwhttp.so.0 >> libmd5.so.0 >> libwwwtrans.so.0 >> libwwwtelnet.so.0 >> libwwwstream.so.0 >> libwwwcore.so.0 >> libwwwftp.so.0 >> libwwwzip.so.0 >> libwwwfile.so.0 >> libwwwcache.so.0 >> Annotations : >> FreeBSD_version: 1102000 >> repo_type : binary >> repository : FreeBSD > > GDB backtrace: > > (gdb) bt > #0 0x000000080495898a in kill () from /lib/libc.so.7 > #1 0x0000000804958940 in ?? () from /lib/libc.so.7 > #2 0x00000008049588b0 in __stack_chk_fail () from /lib/libc.so.7 > #3 0x000000080314572b in hmac_md5_final (digest=digest at entry=0x7fffffffd320 "\a\203f\243y6f\331\063$\027\004 at CD\252\005\226\263\003\b", ctx=0x7fffffffd190, > ctx at entry=0x0) at ../lib/crypto/hmacmd5.c:101 > #4 0x00000008092a01a0 in ntv2_owf_gen (owf=owf at entry=0x811a49430 "\347\305\335 ", <incomplete sequence \350\356>, user_in=<optimized out>, > domain_in=<optimized out>, kr_buf=kr_buf at entry=0x7fffffffd320 "\a\203f\243y6f\331\063$\027\004 at CD\252\005\226\263\003\b") at ../libcli/auth/smbencrypt.c:241 > #5 0x00000008092a0807 in SMBNTLMv2encrypt_hash (mem_ctx=mem_ctx at entry=0x811a1d780, user=<optimized out>, domain=<optimized out>, > nt_hash=nt_hash at entry=0x811a49430 "\347\305\335 ", <incomplete sequence \350\356>, server_chal=server_chal at entry=0x7fffffffd3f0, > server_timestamp=server_timestamp at entry=0x811a85a08, names_blob=0x7fffffffd530, lm_response=0x7fffffffd410, nt_response=0x7fffffffd420, lm_session_key=0x0, > user_session_key=0x7fffffffd440) at ../libcli/auth/smbencrypt.c:493 > #6 0x0000000803b34e4b in cli_credentials_get_ntlm_response (cred=0x811a8b060, mem_ctx=mem_ctx at entry=0x811a850b0, flags=flags at entry=0x7fffffffd604, challenge=..., > server_timestamp=0x811a85a08, target_info=..., _lm_response=0x7fffffffd660, _nt_response=0x7fffffffd670, _lm_session_key=0x7fffffffd690, > _session_key=0x7fffffffd680) at ../auth/credentials/credentials_ntlm.c:135 > #7 0x0000000808866cd7 in ntlmssp_client_challenge (gensec_security=0x811a57f60, out_mem_ctx=0x811a85030, in=..., out=0x811a85040) > at ../auth/ntlmssp/ntlmssp_client.c:630 > #8 0x0000000808864e8b in gensec_ntlmssp_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=0x811a57f60, in=...) > at ../auth/ntlmssp/ntlmssp.c:210 > #9 0x000000080886f9b8 in gensec_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=0x811a57f60, in=...) at ../auth/gensec/gensec.c:433 > #10 0x0000000808862848 in gensec_spnego_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=<optimized out>, in=...) > at ../auth/gensec/spnego.c:1722 > #11 0x000000080886f9b8 in gensec_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=0x811a57360, in=...) at ../auth/gensec/gensec.c:433 > #12 0x0000000801d648c5 in cli_session_setup_gensec_local_next (req=0x811a84780) at ../source3/libsmb/cliconnect.c:1008 > #13 0x0000000801d64a79 in cli_session_setup_gensec_remote_done (subreq=<optimized out>) at ../source3/libsmb/cliconnect.c:1131 > #14 0x0000000801d6394f in cli_sesssetup_blob_done (subreq=<optimized out>) at ../source3/libsmb/cliconnect.c:845 > #15 0x0000000801b34fc9 in smb2cli_session_setup_done (subreq=<optimized out>) at ../libcli/smb/smb2cli_session.c:213 > #16 0x0000000808649f37 in tevent_common_invoke_immediate_handler () from /usr/local/lib/libtevent.so.0 > #17 0x0000000808649f94 in tevent_common_loop_immediate () from /usr/local/lib/libtevent.so.0 > #18 0x000000080864c17c in ?? () from /usr/local/lib/libtevent.so.0 > #19 0x0000000808648e4e in _tevent_loop_once () from /usr/local/lib/libtevent.so.0 > #20 0x000000080864ac0b in tevent_req_poll () from /usr/local/lib/libtevent.so.0 > #21 0x00000008052349de in tevent_req_poll_ntstatus (req=req at entry=0x811a84080, ev=ev at entry=0x811a582e0, status=status at entry=0x7fffffffdbf4) > at ../lib/util/tevent_ntstatus.c:109 > #22 0x0000000801d66efd in cli_session_setup_creds (cli=<optimized out>, creds=creds at entry=0x811a8b060) at ../source3/libsmb/cliconnect.c:1795 > #23 0x0000000801d82728 in do_connect (ctx=ctx at entry=0x811a1d1e0, server=<optimized out>, server at entry=0x811a46250 "filur00", share=<optimized out>, > auth_info=auth_info at entry=0x811a3e200, force_encrypt=force_encrypt at entry=false, max_protocol=max_protocol at entry=13, port=0, name_type=32, pcli=0x7fffffffdcf0) > at ../source3/libsmb/clidfs.c:232 > #24 0x0000000801d82b35 in cli_cm_connect (ctx=ctx at entry=0x811a1d1e0, referring_cli=referring_cli at entry=0x0, server=server at entry=0x811a46250 "filur00", > share=<optimized out>, auth_info=auth_info at entry=0x811a3e200, force_encrypt=force_encrypt at entry=false, max_protocol=13, port=0, name_type=32, > 0) at ../source3/libsmb/clidfs.c:335 > #25 0x0000000801d82cbf in cli_cm_open (ctx=0x811a1d1e0, referring_cli=0x0, server=0x811a46250 "filur00", share=<optimized out>, auth_info=0x811a3e200, force_encrypt=<optimized out>, max_protocol=13, port=0, n > ame_type=32, pcli=0x12473a0 <cli>) at ../source3/libsmb/clidfs.c:437 > #26 0x000000000102a9c0 in do_host_query (query_host=0x811a46250 "filur00") at ../source3/client/client.c:6574 > #27 main (argc=<optimized out>, argv=<optimized out>) at ../source3/client/client.c:6574 > > > - Peter > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Maybe Matching Threads
- Could not convert SID S-0-0, error is NT_STATUS_NONE_MAPPED
- Samba 4.9.4 drops group write permission on files (at file access time) with 'vfs objects' enabled
- Samba 4.9.4 drops group write permission on files (at file access time) with 'vfs objects' enabled
- Samba 4.9.4 drops group write permission on files (at file access time) with 'vfs objects' enabled
- samba-4.2.0 join samba3 PDC