To reproduce: 1. build a regular selftest build with bundled Heimdal and autobuild configuration flags. 2. spin up the ad_dc testenv 3. in the env, type: ./bin/wbinfo -K 'Administrator%1locDCpass1' (that's a good user and wrong password) The winbindd child process for the domain crashes. I got the following stack trace (frames 0-5 are the fault handler): /home/uri/s2/bin/winbindd: #6 <signal handler called> /home/uri/s2/bin/winbindd: No symbol table info available. /home/uri/s2/bin/winbindd: #7 0x00007fa37b264fe6 in strlen () from /lib64/libc.so.6 /home/uri/s2/bin/winbindd: No symbol table info available. /home/uri/s2/bin/winbindd: #8 0x00007fa37b264d1e in strdup () from /lib64/libc.so.6 /home/uri/s2/bin/winbindd: No symbol table info available. /home/uri/s2/bin/winbindd: #9 0x00007fa37736593e in der_copy_general_string (from=0x5590345ee930, to=0x7ffc704c7a98) at ../source4/heimdal/lib/asn1/der_copy.c:44 /home/uri/s2/bin/winbindd: No locals. /home/uri/s2/bin/winbindd: #10 0x00007fa377377f2b in copy_Realm (from=0x5590345ee930, to=0x7ffc704c7a98) at default/source4/heimdal/lib/asn1/asn1_krb5_asn1.c:793 /home/uri/s2/bin/winbindd: No locals. /home/uri/s2/bin/winbindd: #11 0x00007fa3773a09ec in copy_KRB_ERROR (from=0x5590345ee8f8, to=0x7ffc704c7a60) at default/source4/heimdal/lib/asn1/asn1_krb5_asn1.c:12899 /home/uri/s2/bin/winbindd: No locals. /home/uri/s2/bin/winbindd: #12 0x00007fa3801684ea in krb5_init_creds_get_error (context=0x559034aec5b0, ctx=0x5590345ee760, error=0x7ffc704c7a60) at ../source4/heimdal/lib/krb5/init_creds_pw.c:1899 /home/uri/s2/bin/winbindd: ret = 32675 /home/uri/s2/bin/winbindd: #13 0x00007fa37c463884 in smb_krb5_get_ntstatus_from_init_creds (ctx=0x559034aec5b0, client=0x559033929730, opt=0x559033c60710, nt_status=0x7ffc704c7b30) at ../source3/libads/kerberos.c:229 /home/uri/s2/bin/winbindd: icc = 0x5590345ee760 /home/uri/s2/bin/winbindd: code = 0 /home/uri/s2/bin/winbindd: error = {pvno = 0, msg_type = 0, ctime = 0x0, cusec = 0x0, stime = 0, susec = 0, error_code = 0, crealm = 0x0, cname = 0x0, realm = 0x0, sname = {name_type = KRB5_NT_UNKNOWN, name_string = {len = 0, val = 0x0}}, e_text = 0x0, e_data = 0x0} /home/uri/s2/bin/winbindd: ok = false /home/uri/s2/bin/winbindd: __func__ = "smb_krb5_get_ntstatus_from_init_creds" /home/uri/s2/bin/winbindd: #14 0x00007fa37c463dba in kerberos_kinit_password_ext (principal=0x559033e51a00 "Administrator@ADDOM.SAMBA.EXAMPLE.COM", password=0x7ffc704c8ca8 "1locDCpass1", time_offset=0, expire_time=0x7ffc704c7dd8, renew_till_time=0x7ffc704c7de0, cache_name=0x559034523110 "FILE:/tmp/krb5cc_1000", request_pac=true, add_netbios_addr=true, renewable_time=2592000, ntstatus=0x7ffc704c7c80) at ../source3/libads/kerberos.c:374 /home/uri/s2/bin/winbindd: ok = false /home/uri/s2/bin/winbindd: status = {v = 1884060560} /home/uri/s2/bin/winbindd: ctx = 0x559034aec5b0 /home/uri/s2/bin/winbindd: code = -1765328360 /home/uri/s2/bin/winbindd: cc = 0x55903453e7f0 /home/uri/s2/bin/winbindd: me = 0x559033929730 /home/uri/s2/bin/winbindd: canon_princ = 0x0 /home/uri/s2/bin/winbindd: my_creds = {client = 0x0, server = 0x0, session = {keytype = 0, keyvalue = {length = 0, data = 0x0}}, times = {authtime = 0, starttime = 0, endtime = 0, renew_till = 0}, ticket = {length = 0, data = 0x0}, second_ticket = {length = 0, data = 0x0}, authdata = {len = 0, val = 0x0}, addresses = {len = 0, val = 0x0}, flags = {b = {reserved = 0, forwardable = 0, forwarded = 0, proxiable = 0, proxy = 0, may_postdate = 0, postdated = 0, invalid = 0, renewable = 0, initial = 0, pre_authent = 0, hw_authent = 0, transited_policy_checked = 0, ok_as_delegate = 0, anonymous = 0, enc_pa_rep = 0, _unused16 = 0, _unused17 = 0, _unused18 = 0, _unused19 = 0, _unused20 = 0, _unused21 = 0, _unused22 = 0, _unused23 = 0, _unused24 = 0, _unused25 = 0, _unused26 = 0, _unused27 = 0, _unused28 = 0, _unused29 = 0, _unused30 = 0, _unused31 = 0}, i = 0}} /home/uri/s2/bin/winbindd: opt = 0x559033c60710 /home/uri/s2/bin/winbindd: addr = 0x5590338ee260 /home/uri/s2/bin/winbindd: __FUNCTION__ = "kerberos_kinit_password_ext" /home/uri/s2/bin/winbindd: #15 0x0000559032b045eb in kerberos_return_pac (mem_ctx=0x5590344aed80, name=0x559033e51a00 "Administrator@ADDOM.SAMBA.EXAMPLE.COM", pass=0x7ffc704c8ca8 "1locDCpass1", time_offset=0, expire_time=0x7ffc704c7dd8, renew_till_time=0x7ffc704c7de0, cache_name=0x559034523110 "FILE:/tmp/krb5cc_1000", requ It reportedly happens also with MIT Kerberos.
Created attachment 13102 [details] Fix for 4.6.next
Comment on attachment 13102 [details] Fix for 4.6.next LGTM
Karolin, please add to Samba 4.6. Thanks.
(In reply to Andreas Schneider from comment #3) Pushed to autobuild-v4-6-test.
(In reply to Karolin Seeger from comment #4) Pushed to v4-6-test. Closing out bug report. Thanks!