cntlm crashed in sparc solaris 11 #93

Open
yfchua opened this issue Jan 11, 2024 · 11 comments

yfchua commented Jan 11, 2024

When cntlm is running in threading mode and accessing an HTTPS website, cntlm will crash with a memory fault.

When cntlm is running in serial mode and accessing an HTTPS website, it runs OK.

This only happens after there is a change of proxy.
This is SPARC Solaris 11.
I run ./configure, gmake to make the binary.

Thank you

Collaborator

fralken commented Jan 12, 2024

Hello @yfchua, can you elaborate on your use case? I guess the issue is "this only happen after there is change of proxy". This can be due to a race condition. Are you using a PAC file? What is the sequence of operations that causes the fault?

Author

yfchua commented Jan 16, 2024

I run cntlm. Cntlm connects to my company Blue Coat proxy.
I set https_proxy=http://localhost:3128
I run curl https://wew.google.com
Cntlm crashed with a Bus error

Sending PROXY auth request…
Host => www.google.com



Reading PROXY auth response…
HEAD: HTTP/1.1 407 Proxy Authentication Required
….


NTLM Challenge:
Challenge: ….
….
….
….

NTLMv2:
Nonce:27CB870A54274EF3
Timestamp: 31082536

Bus error

Author

yfchua commented Jan 16, 2024

According to the internet, a bus error occurs when a process is trying to access memory the CPU cannot physically access.

This only happens after the proxy was upgraded.
Cntlm was running fine before the proxy upgrade.

Collaborator

fralken commented Jan 16, 2024

So the issue happens after an upgrade of the remote proxy, while before this upgrade everything worked fine. It looks like something changed in the NTLM challenge phase. Can you test Cntlm on a Windows, Mac or Linux machine? Just to check if the problem is related to Solaris. This scenario is very difficult to replicate, you could try debugging it yourself.

Author

yfchua commented Jan 16, 2024

Hi
It only happens on the Solaris SPARC server. It does not happen on the x86 Linux server. I am not a C programmer, so it is hard for me to debug.

Collaborator

fralken commented Jan 17, 2024

OK, then it is an issue of SPARC Solaris only. Maybe it is related to the CPU endianness. Is it big endian? What is the output of ./configure?

Author

yfchua commented Jan 19, 2024

It is big endian

Collaborator

fralken commented Jan 19, 2024

Can you try this branch on my repo?

git clone -b nonce-endianness https://github.com/fralken/cntlm.git

I guess the nonce is not correctly passed to the NTLM token in case of big endian.

Author

yfchua commented Jan 23, 2024

Hi
Thanks for the help, I will clone it and test it ASAP.

Author

yfchua commented Jan 30, 2024

Unfortunately the fix for the big endian did not work.
I captured the core dump and did a backtrace, please refer to the screen capture.
IMG_3751

Collaborator

fralken commented Jan 31, 2024

Hello, unfortunately this dump is not helpful, it doesn't show where the program crashed.

Just to understand, you said that cntlm worked until the remote proxy was upgraded. What was the change? Which authentication method did the old proxy use? The new proxy uses NTLMv2.

This is probably a problem of uint32 alignment.

Also, which compiler are you using? gcc, clang?

Can you try again with this repo?
git clone -b nonce-endianness https://github.com/fralken/cntlm.git
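
Added example, not part of the thread and not cntlm's own code: a sketch of reading the fixed fields of an NTLM Type 2 (challenge) message in a way that is safe for both failure modes raised above, strict alignment and big-endian byte order. The struct, function names and sample bytes are assumptions made for illustration; the thread does not confirm where cntlm actually crashes.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Byte-wise little-endian reads: no alignment requirement, same result on
 * big- and little-endian CPUs. A cast such as *(uint32_t *)(buf + 20) can
 * raise SIGBUS on SPARC when the address is not 4-byte aligned. */
static uint16_t rd_le16(const uint8_t *p) {
    return (uint16_t)(p[0] | (p[1] << 8));
}
static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

struct ntlm_challenge {            /* hypothetical struct, not cntlm's */
    uint32_t flags;
    uint8_t  nonce[8];
    uint16_t tinfo_len;
    uint32_t tinfo_off;
};

/* Parse a Type 2 message at any address; 0 on success, -1 if malformed. */
int parse_challenge(const uint8_t *buf, size_t len, struct ntlm_challenge *out) {
    if (len < 48 || memcmp(buf, "NTLMSSP\0", 8) != 0) return -1;
    if (rd_le32(buf + 8) != 2) return -1;        /* message type */
    out->flags = rd_le32(buf + 20);
    memcpy(out->nonce, buf + 24, 8);             /* opaque bytes, never swapped */
    out->tinfo_len = rd_le16(buf + 40);          /* target info security buffer */
    out->tinfo_off = rd_le32(buf + 44);
    if (out->tinfo_off > len || out->tinfo_len > len - out->tinfo_off) return -1;
    return 0;
}

/* Constructed sample (not captured traffic): 48-byte header + 4-byte block. */
size_t build_sample(uint8_t *m) {
    memset(m, 0, 52);
    memcpy(m, "NTLMSSP\0", 8);
    m[8] = 2;                                    /* type 2 */
    m[20] = 0x01; m[21] = 0x82;                  /* flags 0x00008201 */
    for (int i = 0; i < 8; i++) m[24 + i] = (uint8_t)(i + 1);
    m[40] = 4; m[42] = 4; m[44] = 48;            /* len, maxlen, offset */
    return 52;
}

int main(void) {
    uint8_t raw[64], *m = raw + 1;               /* deliberately odd offset */
    struct ntlm_challenge c;
    return parse_challenge(m, build_sample(m), &c);   /* 0 on success */
}
```

Building with `-fsanitize=alignment` on an x86 machine flags misaligned pointer casts that would otherwise only fault on strict-alignment hardware.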

Repository owner deleted a comment from i-am-yuvi Feb 23, 2024