Bad address during writev in weak_crypto mode
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| krb5-appl (Ubuntu) |
Triaged
|
Medium
|
Unassigned | ||
Bug Description
Ubuntu lucid (development branch) Release: 10.04
krb5-clients: 1:1.0~alpha1-1
krb5 1.8.1 breaks login to Solaris 10 SPARC (KRB5 1.6.2) using rlogin -x -l #PRINCIPALNAME# #HOSTNAME#
We use kerberized rlogin to solaris machines and after upgrading to lucid rcp works fine, rlogin doesn't ( new parameter allow_weak_crypto = true is set).
Server side log reports:
klogind[**PID***]: [ID ***ID*** auth.error] Error reading message
Traced the difference in the behaviour and found:
write(3, "#PRINCIPALNAME
write(3, "xterm/38400\0", 12) = 12
write(3, "#LOCALUSERNAME
writev(3, [{"\0\0\0\0", 4}, {"", 0}], 2) = -1 EFAULT (Bad address)
Old behaviour (KRB5 version 1.7.1) was:
writev(4, [{"\0\0\0\0", 4}, {NULL, 0}], 2) = 4
read(4, "\0", 1) = 1
Analyzing the sourcecode I figured out that the behaviour of write_message() in kcmd.c causes the bad address.
adding "outbuf.data=NULL" in the non-forwarding case fixes the issue ( see attached patch):
else { /* Dummy write to signal no forwarding */
+ outbuf.data=NULL;
| Karsten Richter (acc+launchpad) wrote | #1 |
| Shane Gary (shanegary) wrote | #2 |
| Dave Gilbert (ubuntu-treblig) wrote | #3 |
| Changed in krb5-appl (Ubuntu): | |
| importance: | Undecided → Medium |
| status: | New → Triaged |
I think I have the same issue. However I am truing to login into a debian server from an ubuntu 10.04 client. I posted details in the forum
http://