Bug 11598 - Crash when user not in kerberos.
Crash when user not in kerberos.
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB
4.3.0
x86 Linux
: P5 critical
: ---
Assigned To: Andrew Bartlett
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-11-10 17:53 UTC by marcio
Modified: 2015-11-11 07:36 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description marcio 2015-11-10 17:53:54 UTC
When I try login in a remote samba server 4.3.0 (Fedora) with 'smbclient //server/share -U user_name' (Centos 7.1) I got:

[2015/11/10 15:33:34.329586,  3] ../source3/smbd/oplock.c:1308(init_oplocks)
  init_oplocks: initializing messages.
[2015/11/10 15:33:34.329903,  3] ../source3/smbd/process.c:1880(process_smb)
  Transaction 0 of length 194 (0 toread)
[2015/11/10 15:33:34.330109,  3] ../source3/smbd/process.c:1490(switch_message)
  switch message SMBnegprot (pid 7246) conn 0x0
[2015/11/10 15:33:34.331466,  3] ../source3/smbd/negprot.c:575(reply_negprot)
  Requested protocol [PC NETWORK PROGRAM 1.0]
[2015/11/10 15:33:34.331638,  3] ../source3/smbd/negprot.c:575(reply_negprot)
  Requested protocol [MICROSOFT NETWORKS 1.03]
[2015/11/10 15:33:34.331823,  3] ../source3/smbd/negprot.c:575(reply_negprot)
  Requested protocol [MICROSOFT NETWORKS 3.0]
[2015/11/10 15:33:34.331982,  3] ../source3/smbd/negprot.c:575(reply_negprot)
  Requested protocol [LANMAN1.0]
[2015/11/10 15:33:34.332132,  3] ../source3/smbd/negprot.c:575(reply_negprot)
  Requested protocol [LM1.2X002]
[2015/11/10 15:33:34.332297,  3] ../source3/smbd/negprot.c:575(reply_negprot)
  Requested protocol [DOS LANMAN2.1]
[2015/11/10 15:33:34.332472,  3] ../source3/smbd/negprot.c:575(reply_negprot)
  Requested protocol [LANMAN2.1]
[2015/11/10 15:33:34.332613,  3] ../source3/smbd/negprot.c:575(reply_negprot)
  Requested protocol [Samba]
[2015/11/10 15:33:34.332838,  3] ../source3/smbd/negprot.c:575(reply_negprot)
  Requested protocol [NT LANMAN 1.0]
[2015/11/10 15:33:34.332971,  3] ../source3/smbd/negprot.c:575(reply_negprot)
  Requested protocol [NT LM 0.12]
[2015/11/10 15:33:34.334297,  3] ../auth/gensec/gensec_start.c:899(gensec_register)
  GENSEC backend 'gssapi_spnego' registered
[2015/11/10 15:33:34.334342,  3] ../auth/gensec/gensec_start.c:899(gensec_register)
  GENSEC backend 'gssapi_krb5' registered
[2015/11/10 15:33:34.334354,  3] ../auth/gensec/gensec_start.c:899(gensec_register)
  GENSEC backend 'gssapi_krb5_sasl' registered
[2015/11/10 15:33:34.334383,  3] ../auth/gensec/gensec_start.c:899(gensec_register)
  GENSEC backend 'spnego' registered
[2015/11/10 15:33:34.334394,  3] ../auth/gensec/gensec_start.c:899(gensec_register)
  GENSEC backend 'schannel' registered
[2015/11/10 15:33:34.334403,  3] ../auth/gensec/gensec_start.c:899(gensec_register)
  GENSEC backend 'naclrpc_as_system' registered
[2015/11/10 15:33:34.334412,  3] ../auth/gensec/gensec_start.c:899(gensec_register)
  GENSEC backend 'sasl-EXTERNAL' registered
[2015/11/10 15:33:34.334420,  3] ../auth/gensec/gensec_start.c:899(gensec_register)
  GENSEC backend 'ntlmssp' registered
[2015/11/10 15:33:34.334428,  3] ../auth/gensec/gensec_start.c:899(gensec_register)
  GENSEC backend 'http_basic' registered
[2015/11/10 15:33:34.334437,  3] ../auth/gensec/gensec_start.c:899(gensec_register)
  GENSEC backend 'http_ntlm' registered
[2015/11/10 15:33:34.335071,  3] ../source3/smbd/negprot.c:395(reply_nt1)
  using SPNEGO
[2015/11/10 15:33:34.335121,  3] ../source3/smbd/negprot.c:683(reply_negprot)
  Selected protocol NT LANMAN 1.0
[2015/11/10 15:33:34.336010,  3] ../source3/smbd/process.c:1880(process_smb)
  Transaction 1 of length 166 (0 toread)
[2015/11/10 15:33:34.336047,  3] ../source3/smbd/process.c:1490(switch_message)
  switch message SMBsesssetupX (pid 7246) conn 0x0
[2015/11/10 15:33:34.336075,  3] ../source3/smbd/sesssetup.c:610(reply_sesssetup_and_X)
  wct=12 flg2=0xc843
[2015/11/10 15:33:34.336091,  3] ../source3/smbd/sesssetup.c:142(reply_sesssetup_and_X_spnego)
  Doing spnego session setup
[2015/11/10 15:33:34.336108,  3] ../source3/smbd/sesssetup.c:183(reply_sesssetup_and_X_spnego)
  NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[]
[2015/11/10 15:33:34.336552,  3] ../auth/ntlmssp/ntlmssp_util.c:34(debug_ntlmssp_flags)
  Got NTLMSSP neg_flags=0x60088215
[2015/11/10 15:33:34.337626,  3] ../source3/smbd/process.c:1880(process_smb)
  Transaction 2 of length 412 (0 toread)
[2015/11/10 15:33:34.337683,  3] ../source3/smbd/process.c:1490(switch_message)
  switch message SMBsesssetupX (pid 7246) conn 0x0
[2015/11/10 15:33:34.337702,  3] ../source3/smbd/sesssetup.c:610(reply_sesssetup_and_X)
  wct=12 flg2=0xc843
[2015/11/10 15:33:34.337712,  3] ../source3/smbd/sesssetup.c:142(reply_sesssetup_and_X_spnego)
  Doing spnego session setup
[2015/11/10 15:33:34.337739,  3] ../source3/smbd/sesssetup.c:183(reply_sesssetup_and_X_spnego)
  NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[]
[2015/11/10 15:33:34.337766,  3] ../auth/ntlmssp/ntlmssp_server.c:359(ntlmssp_server_preauth)
  Got user=[user_name] domain=[COMPANY] workstation=[UN-D009971] len1=24 len2=152
[2015/11/10 15:33:34.337783,  3] ../source3/param/loadparm.c:3720(lp_load_ex)
  lp_load_ex: refreshing parameters
[2015/11/10 15:33:34.337862,  3] ../source3/param/loadparm.c:565(init_globals)
  Initialising global parameters
[2015/11/10 15:33:34.337969,  3] ../source3/param/loadparm.c:2656(lp_do_section)
  Processing section "[global]"
[2015/11/10 15:33:34.338253,  2] ../source3/param/loadparm.c:2673(lp_do_section)
  Processing section "[homes]"
[2015/11/10 15:33:34.338296,  2] ../source3/param/loadparm.c:2673(lp_do_section)
  Processing section "[ctic]"
[2015/11/10 15:33:34.338330,  2] ../source3/param/loadparm.c:2673(lp_do_section)
  Processing section "[diseg]"
[2015/11/10 15:33:34.338351,  2] ../source3/param/loadparm.c:2673(lp_do_section)
  Processing section "[comunicacao]"
[2015/11/10 15:33:34.338396,  3] ../source3/param/loadparm.c:1574(lp_add_ipc)
  adding IPC service
[2015/11/10 15:33:34.338476,  3] ../source3/auth/auth.c:178(auth_check_ntlm_password)
  check_ntlm_password:  Checking password for unmapped user [COMPANY]\[user_name]@[UN-D009971] with the new password interface
[2015/11/10 15:33:34.338529,  3] ../source3/auth/auth.c:181(auth_check_ntlm_password)
  check_ntlm_password:  mapped user is: [FILES-FED]\[user_name]@[UN-D009971]
[2015/11/10 15:33:34.338678,  2] ../source3/lib/smbldap.c:794(smbldap_open_connection)
  smbldap_open_connection: connection opened
[2015/11/10 15:33:34.679533,  3] ../source3/lib/smbldap.c:1013(smbldap_connect_system)
  ldap_connect_system: successful connection to the LDAP server
[2015/11/10 15:33:34.745161,  2] ipa_sam.c:3202(init_sam_from_ldap)
  init_sam_from_ldap: Entry found for user: user_name
[2015/11/10 15:33:34.745234,  0] ../lib/util/fault.c:78(fault_report)
  ===============================================================
[2015/11/10 15:33:34.745291,  0] ../lib/util/fault.c:79(fault_report)
  INTERNAL ERROR: Signal 11 in pid 7246 (4.3.0)
  Please read the Trouble-Shooting section of the Samba HOWTO
[2015/11/10 15:33:34.745349,  0] ../lib/util/fault.c:81(fault_report)
  ===============================================================
[2015/11/10 15:33:34.745396,  0] ../source3/lib/util.c:789(smb_panic_s3)
  PANIC (pid 7246): internal error
[2015/11/10 15:33:34.746236,  0] ../source3/lib/util.c:900(log_stack_trace)
  BACKTRACE: 40 stack frames:
   #0 /lib64/libsmbconf.so.0(log_stack_trace+0x1a) [0x7fdc8c03099a]
   #1 /lib64/libsmbconf.so.0(smb_panic_s3+0x20) [0x7fdc8c030a70]
   #2 /lib64/libsamba-util.so.0(smb_panic+0x2f) [0x7fdc8e0d457f]
   #3 /lib64/libsamba-util.so.0(+0x11796) [0x7fdc8e0d4796]
   #4 /lib64/libpthread.so.0(+0x109f0) [0x7fdc8e33d9f0]
   #5 /lib64/libc.so.6(_IO_vfprintf+0xaf0) [0x7fdc8a6f5400]
   #6 /lib64/libc.so.6(__vsnprintf_chk+0x96) [0x7fdc8a7bb006]
   #7 /lib64/libtalloc.so.2(talloc_vasprintf+0x6e) [0x7fdc8ac80bfe]
   #8 /lib64/libtalloc.so.2(+0x4e4c) [0x7fdc8ac7ce4c]
   #9 /lib64/libtalloc.so.2(talloc_named_const+0x3a2) [0x7fdc8ac7e3d2]
   #10 /usr/lib64/samba/pdb/ipasam.so(+0x9c2e) [0x7fdc74e50c2e]
   #11 /lib64/libsamba-passdb.so.0(pdb_getsampwnam+0x28) [0x7fdc8c6cbb88]
   #12 /usr/lib64/samba/libauth-samba4.so(check_sam_security+0x69) [0x7fdc8c293629]
   #13 /usr/lib64/samba/libauth-samba4.so(+0x8dce) [0x7fdc8c286dce]
   #14 /usr/lib64/samba/libauth-samba4.so(auth_check_ntlm_password+0x1da) [0x7fdc8c28bf1a]
   #15 /usr/lib64/samba/libauth-samba4.so(auth3_check_password+0x118) [0x7fdc8c28d8a8]
   #16 /lib64/libgensec.so.0(gensec_ntlmssp_server_auth+0x370) [0x7fdc866e7710]
   #17 /lib64/libgensec.so.0(gensec_ntlmssp_update+0x1cf) [0x7fdc866e588f]
   #18 /lib64/libgensec.so.0(gensec_update_ev+0xc8) [0x7fdc866ea918]
   #19 /lib64/libgensec.so.0(+0x9d3f) [0x7fdc866e2d3f]
   #20 /lib64/libgensec.so.0(+0xa841) [0x7fdc866e3841]
   #21 /lib64/libgensec.so.0(gensec_update_ev+0x242) [0x7fdc866eaa92]
   #22 /lib64/libgensec.so.0(gensec_update+0x17) [0x7fdc866eab57]
   #23 /usr/lib64/samba/libsmbd-base-samba4.so(reply_sesssetup_and_X+0xf4b) [0x7fdc8dc688eb]
   #24 /usr/lib64/samba/libsmbd-base-samba4.so(+0x13bb47) [0x7fdc8dca5b47]
   #25 /usr/lib64/samba/libsmbd-base-samba4.so(+0x13d8c3) [0x7fdc8dca78c3]
   #26 /usr/lib64/samba/libsmbd-base-samba4.so(+0x13ef5c) [0x7fdc8dca8f5c]
   #27 /lib64/libsmbconf.so.0(run_events_poll+0x167) [0x7fdc8c046307]
   #28 /lib64/libsmbconf.so.0(+0x35567) [0x7fdc8c046567]
   #29 /lib64/libtevent.so.0(_tevent_loop_once+0x8d) [0x7fdc8aa6e11d]
   #30 /lib64/libtevent.so.0(tevent_common_loop_wait+0x1b) [0x7fdc8aa6e2bb]
   #31 /usr/lib64/samba/libsmbd-base-samba4.so(smbd_process+0x740) [0x7fdc8dcaa310]
   #32 /usr/sbin/smbd(+0x9802) [0x55dd4169d802]
   #33 /lib64/libsmbconf.so.0(run_events_poll+0x167) [0x7fdc8c046307]
   #34 /lib64/libsmbconf.so.0(+0x35567) [0x7fdc8c046567]
   #35 /lib64/libtevent.so.0(_tevent_loop_once+0x8d) [0x7fdc8aa6e11d]
   #36 /lib64/libtevent.so.0(tevent_common_loop_wait+0x1b) [0x7fdc8aa6e2bb]
   #37 /usr/sbin/smbd(main+0x1899) [0x55dd4169ba79]
   #38 /lib64/libc.so.6(__libc_start_main+0xf0) [0x7fdc8a6c9580]
   #39 /usr/sbin/smbd(_start+0x29) [0x55dd4169bb79]
[2015/11/10 15:33:34.761823,  0] ../source3/lib/dumpcore.c:318(dump_core)
  dumping core in /var/log/samba/cores/smbd

The trouble occours when '-k' is ommited, for not connect using kerberos ticket.  With kerberos option (smbclient -k //server/share' we can connect to share without problems.