[Samba] FreeBSD, Libmd5, samba 4.9.4 & "smbclient -L" (using password) -> core dump
Peter Eriksson
peter at ifm.liu.se
Thu Dec 27 22:42:17 UTC 2018
Replying to myself… Sorry. :-)
Why is it that you always find the stuff you where looking for - just always right after you’ve sent your email? :)
It seems that the lib/crypto/wscript_configure script logic to finding out where (and if) the MD5 stuff lives does it by checking for the “md5.h” header file (that FreeBSD has in /usr/include) and then it tries to detect in what library the functions live by trying to link a call to “MD5Init()” and it first tries “-lmd5” and only if that one fails it tries “-lmd” (which is there the system-provided MD5-functions for FreeBSD lives).
And thus if you have the “libwww” (W3C stuff) package installed you get a /usr/local/lib/libmd5.so file that isn’t compatible (or buggy) that Samba finds and uses… Ah the wonders of auto-detection hell :-)
- Peter
> On 27 Dec 2018, at 22:26, Peter Eriksson via samba <samba at lists.samba.org> wrote:
>
> I just noticed that smbclient from Samba 4.9.4 /built by myself) on FreeBSD 11.2 coredumps when called like this:
>
> smbclient -L <hostname>
>
>> % /liu/pkg/samba/4.9.4-liu/bin/smbclient -L filur00
>> Enter username at AD.LIU.SE's password:
>> Abort (core dumped)
>
> … if it is linked against /usr/local/lib/libmd5.so (which is part of “libwww”). If I remove libmd5.so and recompile things work as it should…
>
>> % /liu/pkg/samba/4.9.4-test/bin/smbclient -L filur00
>> Enter username at AD.LIU.SE's password:
>> Anonymous login successful
>>
>> Sharename Type Comment
>> --------- ---- -------
>> DATA4 Disk foo
>> IPC$ IPC IPC Service (Filur00 File Server)
>> Reconnecting with SMB1 for workgroup listing.
>> smbXcli_negprot_smb1_done: No compatible protocol selected by server.
>> protocol negotiation failed: NT_STATUS_INVALID_NETWORK_RESPONSE
>> Failed to connect with SMB1 -- no workgroup available
>
> Is this a known issue, and/or is there some easy way to disable the “libmd5.so” detection code in the configure step? (Other than not having libwww installed that is :-).
>
>> # pkg info libwww
>> libwww-5.4.2
>> Name : libwww
>> Version : 5.4.2
>> Installed on : Sun Dec 16 23:53:05 2018 CET
>> Origin : www/libwww
>> Architecture : FreeBSD:11:amd64
>> Prefix : /usr/local
>> Categories : devel www
>> Licenses : W3C
>> Maintainer : dbaio at FreeBSD.org
>> WWW : http://www.w3.org/Library/
>> Comment : W3C Reference Library
>> Shared Libs required:
>> libexpat.so.1
>> Shared Libs provided:
>> libwwwapp.so.0
>> libpics.so.0
>> libwwwmime.so.0
>> libwwwnews.so.0
>> libwwwxml.so.0
>> libwwwinit.so.0
>> libwwwutils.so.0
>> libwwwmux.so.0
>> libwwwhtml.so.0
>> libwwwgopher.so.0
>> libwwwdir.so.0
>> libwwwssl.so.0
>> libwwwhttp.so.0
>> libmd5.so.0
>> libwwwtrans.so.0
>> libwwwtelnet.so.0
>> libwwwstream.so.0
>> libwwwcore.so.0
>> libwwwftp.so.0
>> libwwwzip.so.0
>> libwwwfile.so.0
>> libwwwcache.so.0
>> Annotations :
>> FreeBSD_version: 1102000
>> repo_type : binary
>> repository : FreeBSD
>
> GDB backtrace:
>
> (gdb) bt
> #0 0x000000080495898a in kill () from /lib/libc.so.7
> #1 0x0000000804958940 in ?? () from /lib/libc.so.7
> #2 0x00000008049588b0 in __stack_chk_fail () from /lib/libc.so.7
> #3 0x000000080314572b in hmac_md5_final (digest=digest at entry=0x7fffffffd320 "\a\203f\243y6f\331\063$\027\004 at CD\252\005\226\263\003\b", ctx=0x7fffffffd190,
> ctx at entry=0x0) at ../lib/crypto/hmacmd5.c:101
> #4 0x00000008092a01a0 in ntv2_owf_gen (owf=owf at entry=0x811a49430 "\347\305\335 ", <incomplete sequence \350\356>, user_in=<optimized out>,
> domain_in=<optimized out>, kr_buf=kr_buf at entry=0x7fffffffd320 "\a\203f\243y6f\331\063$\027\004 at CD\252\005\226\263\003\b") at ../libcli/auth/smbencrypt.c:241
> #5 0x00000008092a0807 in SMBNTLMv2encrypt_hash (mem_ctx=mem_ctx at entry=0x811a1d780, user=<optimized out>, domain=<optimized out>,
> nt_hash=nt_hash at entry=0x811a49430 "\347\305\335 ", <incomplete sequence \350\356>, server_chal=server_chal at entry=0x7fffffffd3f0,
> server_timestamp=server_timestamp at entry=0x811a85a08, names_blob=0x7fffffffd530, lm_response=0x7fffffffd410, nt_response=0x7fffffffd420, lm_session_key=0x0,
> user_session_key=0x7fffffffd440) at ../libcli/auth/smbencrypt.c:493
> #6 0x0000000803b34e4b in cli_credentials_get_ntlm_response (cred=0x811a8b060, mem_ctx=mem_ctx at entry=0x811a850b0, flags=flags at entry=0x7fffffffd604, challenge=...,
> server_timestamp=0x811a85a08, target_info=..., _lm_response=0x7fffffffd660, _nt_response=0x7fffffffd670, _lm_session_key=0x7fffffffd690,
> _session_key=0x7fffffffd680) at ../auth/credentials/credentials_ntlm.c:135
> #7 0x0000000808866cd7 in ntlmssp_client_challenge (gensec_security=0x811a57f60, out_mem_ctx=0x811a85030, in=..., out=0x811a85040)
> at ../auth/ntlmssp/ntlmssp_client.c:630
> #8 0x0000000808864e8b in gensec_ntlmssp_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=0x811a57f60, in=...)
> at ../auth/ntlmssp/ntlmssp.c:210
> #9 0x000000080886f9b8 in gensec_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=0x811a57f60, in=...) at ../auth/gensec/gensec.c:433
> #10 0x0000000808862848 in gensec_spnego_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=<optimized out>, in=...)
> at ../auth/gensec/spnego.c:1722
> #11 0x000000080886f9b8 in gensec_update_send (mem_ctx=<optimized out>, ev=0x811a582e0, gensec_security=0x811a57360, in=...) at ../auth/gensec/gensec.c:433
> #12 0x0000000801d648c5 in cli_session_setup_gensec_local_next (req=0x811a84780) at ../source3/libsmb/cliconnect.c:1008
> #13 0x0000000801d64a79 in cli_session_setup_gensec_remote_done (subreq=<optimized out>) at ../source3/libsmb/cliconnect.c:1131
> #14 0x0000000801d6394f in cli_sesssetup_blob_done (subreq=<optimized out>) at ../source3/libsmb/cliconnect.c:845
> #15 0x0000000801b34fc9 in smb2cli_session_setup_done (subreq=<optimized out>) at ../libcli/smb/smb2cli_session.c:213
> #16 0x0000000808649f37 in tevent_common_invoke_immediate_handler () from /usr/local/lib/libtevent.so.0
> #17 0x0000000808649f94 in tevent_common_loop_immediate () from /usr/local/lib/libtevent.so.0
> #18 0x000000080864c17c in ?? () from /usr/local/lib/libtevent.so.0
> #19 0x0000000808648e4e in _tevent_loop_once () from /usr/local/lib/libtevent.so.0
> #20 0x000000080864ac0b in tevent_req_poll () from /usr/local/lib/libtevent.so.0
> #21 0x00000008052349de in tevent_req_poll_ntstatus (req=req at entry=0x811a84080, ev=ev at entry=0x811a582e0, status=status at entry=0x7fffffffdbf4)
> at ../lib/util/tevent_ntstatus.c:109
> #22 0x0000000801d66efd in cli_session_setup_creds (cli=<optimized out>, creds=creds at entry=0x811a8b060) at ../source3/libsmb/cliconnect.c:1795
> #23 0x0000000801d82728 in do_connect (ctx=ctx at entry=0x811a1d1e0, server=<optimized out>, server at entry=0x811a46250 "filur00", share=<optimized out>,
> auth_info=auth_info at entry=0x811a3e200, force_encrypt=force_encrypt at entry=false, max_protocol=max_protocol at entry=13, port=0, name_type=32, pcli=0x7fffffffdcf0)
> at ../source3/libsmb/clidfs.c:232
> #24 0x0000000801d82b35 in cli_cm_connect (ctx=ctx at entry=0x811a1d1e0, referring_cli=referring_cli at entry=0x0, server=server at entry=0x811a46250 "filur00",
> share=<optimized out>, auth_info=auth_info at entry=0x811a3e200, force_encrypt=force_encrypt at entry=false, max_protocol=13, port=0, name_type=32,
> 0) at ../source3/libsmb/clidfs.c:335
> #25 0x0000000801d82cbf in cli_cm_open (ctx=0x811a1d1e0, referring_cli=0x0, server=0x811a46250 "filur00", share=<optimized out>, auth_info=0x811a3e200, force_encrypt=<optimized out>, max_protocol=13, port=0, n
> ame_type=32, pcli=0x12473a0 <cli>) at ../source3/libsmb/clidfs.c:437
> #26 0x000000000102a9c0 in do_host_query (query_host=0x811a46250 "filur00") at ../source3/client/client.c:6574
> #27 main (argc=<optimized out>, argv=<optimized out>) at ../source3/client/client.c:6574
>
>
> - Peter
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list