crash after authentication on centos7 with master
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| Project Moonshot | Confirmed | High | Dan Breslau | |
Bug Description
According to Stefan and Alex, if built with a1264ef then you get a coredump on CentOS 7. Interestingly, the stack trace doesn't include any of our code, but instead fails in the krb5 library. However, with 28dcddb things work fine.
I have not tested this yet; it may well be generic with MIT krb5 and not CentOS-specific.
From Stefan:
Starting program: /usr/sbin/
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/
starting...
2016-03-24 11:29:03 CRIT XMLTooling.Config : libcurl lacks OpenSSL-specific options, this will greatly limit functionality
[New Thread 0x7fffe7896700 (LWP 52402)]
[New Thread 0x7fffe7095700 (LWP 52403)]
[New Thread 0x7fffe6894700 (LWP 52404)]
context flag: GSS_C_MUTUAL_FLAG
context flag: GSS_C_REPLAY_FLAG
context flag: GSS_C_SEQUENCE_FLAG
context flag: GSS_C_CONF_FLAG
context flag: GSS_C_INTEG_FLAG
Attribute urn:ietf:
03070004
Attribute urn:ietf:
5de105afdca5683
Accepted connection: ""
Received message: "boo"
Program received signal SIGSEGV, Segmentation fault.
kg_seal_iov (minor_
qop_req=0, conf_state=0x0, iov=0x7fffffffdd90, iov_count=2, toktype=257)
at k5sealiov.c:284
284 if (ctx->terminated || !ctx->established) {
(gdb) bt full
#0 kg_seal_iov (minor_
conf_
iov_count=2, toktype=257) at k5sealiov.c:284
ctx = <optimized out>
#1 0x00007ffff7bbd24f in krb5_gss_
context_
iov=<optimized out>, iov_count=
#2 0x00007ffff571be48 in gss_get_mic (minor=<optimized out>,
ctx=<optimized out>, qop_req=<optimized out>,
message_
at get_mic.c:104
major = <optimized out>
iov = {{type = 1, buffer = {length = 3, value = 0x5555557a8720}}, {
type = 65548, buffer = {length = 0, value = 0x0}}}
#3 0x00007ffff7bacce4 in gss_get_mic (
minor_
context_
message_
msg_
status = 0
ctx = 0x55555575a080
mech = 0x5555557a1ff0
#4 0x000055555555662a in sign_server (s=s@entry=8,
server_
client_name = {length = 0, value = 0x5555557acbc0}
recv_buf = {length = 63, value = 0x0}
unwrap_buf = {length = 3, value = 0x5555557a8720}
mic_buf = {length = 0, value = 0x0}
msg_buf = 0x7fffffffdf40
send_buf = <optimized out>
context = 0x55555575a080
maj_stat = <optimized out>
min_stat = 0
i = <optimized out>
conf_state = 1
ret_flags = 382
cp = <optimized out>
token_flags = 228
send_flags = <optimized out>
#5 0x0000555555555bea in worker_bee (param=
work = 0x55555575a060
#6 main (argc=<optimized out>, argv=<optimized out>) at gss-server.c:779
work = 0x55555575a060
min_stat = 1
port = <optimized out>
once = 0
do_inetd = 0
export = 0
(gdb)
-- ends --
Changed in moonshot:
assignee: Stefan Paetow (stefan-paetow) → Margaret Cullen (mrw42)
Changed in moonshot:
assignee: Margaret Cullen (mrw42) → Dan Breslau (dbreslau)
Luke, it may be that one of your Heimdal commits broke MIT. I will try to get to this before leaving Painless next week, else someone on our side will look into this.