** Description changed: + This is a Focal-only SRU. + + [Impact (from https://bugzilla.samba.org/show_bug.cgi?id=14344#c2)] + + If there is a problem reading credential cache then smbclient can core + with double free. + + e.g. something like + + smbclient -L //foo.bar.com + + can result in + + + Enter TUX-NET\tux's password: + Failed to resolve credential cache 'DIR:/run/user/1000/krb5cc'! (No credentials cache found) + *** Error in `smbclient': double free or corruption (fasttop): 0x0000560cd2ea8890 *** + Aborted (core dumped) + + [Test Plan] + + Test PPA (amd64, ppc64el, s390x): + + https://launchpad.net/~paride/+archive/ubuntu/samba-lp1892145 + + [Regression Potential] + + The patch is a cherry-pick from upstream and has a little and well + defined scope: it removes a free() in a given situation. The patch is a + cherry-pick from upstream and has already been released in stable + upstream branches and as such it's already shipped in a stable release + of Ubuntu (Hirsute), in the current devel release (Impish) and in Debian + Bullseye (currently testing). Therefore it can be considered field + tested. The patch doesn't modify the behavior of any interface or user- + facing component. + + The regression potential can be considered low. + + [Original Description] + It is not possible anymore to connect anonymously to a Samba server, if there is a Kerberos environment. It does not matter if there is a valid Kerberos ticket or not. I'm using FreeIPA. This is with smbclient 2:4.11.6+dfsg-0ubuntu1.4 For example, $ smbclient -L '//dist.ghs.nl/space' -N Failed to resolve credential cache 'KEYRING:persistent:60001'! (Unknown credential cache type) free(): double free detected in tcache 2 Aborted (core dumped) On Ubuntu 18.04, with smbclient 2:4.7.6+dfsg~ubuntu-0ubuntu2.18 it works as expected (albeit with many messages about failing krb5_init_context and smb_krb5_context_init_basic) The combination Samba + FreeIPA + Ubuntu has never worked since I started using FreeIPA a few years ago. But anonymous access to a Samba server did work, until I switched to Ubuntu 20.04.
** Description changed: This is a Focal-only SRU. [Impact (from https://bugzilla.samba.org/show_bug.cgi?id=14344#c2)] If there is a problem reading credential cache then smbclient can core with double free. e.g. something like smbclient -L //foo.bar.com can result in - - Enter TUX-NET\tux's password: + Enter TUX-NET\tux's password: Failed to resolve credential cache 'DIR:/run/user/1000/krb5cc'! (No credentials cache found) *** Error in `smbclient': double free or corruption (fasttop): 0x0000560cd2ea8890 *** Aborted (core dumped) [Test Plan] Test PPA (amd64, ppc64el, s390x): https://launchpad.net/~paride/+archive/ubuntu/samba-lp1892145 [Regression Potential] The patch is a cherry-pick from upstream and has a little and well defined scope: it removes a free() in a given situation. The patch is a cherry-pick from upstream and has already been released in stable upstream branches and as such it's already shipped in a stable release of Ubuntu (Hirsute), in the current devel release (Impish) and in Debian Bullseye (currently testing). Therefore it can be considered field tested. The patch doesn't modify the behavior of any interface or user- facing component. The regression potential can be considered low. + [Development Fix] + + The patch is included in the following upstream and Ubuntu releases: + + * >= 4.11.9 + * >= 4.12.3 + * >= 4.13.0 (>= Hirsute) + [Original Description] It is not possible anymore to connect anonymously to a Samba server, if there is a Kerberos environment. It does not matter if there is a valid Kerberos ticket or not. I'm using FreeIPA. This is with smbclient 2:4.11.6+dfsg-0ubuntu1.4 For example, $ smbclient -L '//dist.ghs.nl/space' -N Failed to resolve credential cache 'KEYRING:persistent:60001'! (Unknown credential cache type) free(): double free detected in tcache 2 Aborted (core dumped) On Ubuntu 18.04, with smbclient 2:4.7.6+dfsg~ubuntu-0ubuntu2.18 it works as expected (albeit with many messages about failing krb5_init_context and smb_krb5_context_init_basic) The combination Samba + FreeIPA + Ubuntu has never worked since I started using FreeIPA a few years ago. But anonymous access to a Samba server did work, until I switched to Ubuntu 20.04. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1892145 Title: [SRU] smbclient cannot connect anonymously in Kerberos context (freeipa) To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1892145/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
