Comment 2 for bug 1561533

Luke Howard (lukeh-padl) wrote : Re: [Bug 1561533] crash after authentication on centos7 with master

I will take a look.

> On 25 Mar 2016, at 12:27 AM, Sam Hartman <email address hidden> wrote:
>
> Luke, it may be that one of your Heimdal commits broke MIT. I will try
> to get to this before leaving Painless next week, else someone on our
> side will look into this.
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> Matching subscriptions: Moonshot Drivers
> https://bugs.launchpad.net/bugs/1561533
>
> Title:
> crash after authentication on centos7 with master
>
> Status in Project Moonshot:
> Confirmed
>
> Bug description:
> According to Stefan and Alex, if built with a1264ef then you get a coredump on centos7. Interestingly, the stack trace doesn't
> include any of our code, but instead fails in the krb5 library. However, with 28dcddb things work fine.
> I have not tested this yet; it may well be generic with MIT krb5 and not Centos-specific.
> From Stefan:
>
> Starting program: /usr/sbin/gss-server host@localhost
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib64/libthread_db.so.1".
> starting...
> 2016-03-24 11:29:03 CRIT XMLTooling.Config : libcurl lacks OpenSSL-specific options, this will greatly limit functionality
> [New Thread 0x7fffe7896700 (LWP 52402)]
> [New Thread 0x7fffe7095700 (LWP 52403)]
> [New Thread 0x7fffe6894700 (LWP 52404)]
> context flag: GSS_C_MUTUAL_FLAG
> context flag: GSS_C_REPLAY_FLAG
> context flag: GSS_C_SEQUENCE_FLAG
> context flag: GSS_C_CONF_FLAG
> context flag: GSS_C_INTEG_FLAG
> Attribute urn:ietf:params:gss:radius-attribute 79 Authenticated Complete
>
>
> 03070004
>
> Attribute urn:ietf:params:gss:radius-attribute 80 Authenticated
> Complete
>
>
> 5de105afdca56834f6fd86330e95ffd0
>
> Accepted connection: ""
> Received message: "boo"
>
> Program received signal SIGSEGV, Segmentation fault.
> kg_seal_iov (minor_status=0x7fffffffdef8, context_handle=0x0, conf_req_flag=0,
> qop_req=0, conf_state=0x0, iov=0x7fffffffdd90, iov_count=2, toktype=257)
> at k5sealiov.c:284
> 284 if (ctx->terminated || !ctx->established) {
> (gdb) bt full
> #0 kg_seal_iov (minor_status=0x7fffffffdef8, context_handle=0x0,
> conf_req_flag=0, qop_req=0, conf_state=0x0, iov=0x7fffffffdd90,
> iov_count=2, toktype=257) at k5sealiov.c:284
> ctx = <optimized out>
> #1 0x00007ffff7bbd24f in krb5_gss_get_mic_iov (minor_status=<optimized out>,
> context_handle=<optimized out>, qop_req=<optimized out>,
> iov=<optimized out>, iov_count=<optimized out>) at k5sealiov.c:537
> major_status = <optimized out>
> #2 0x00007ffff571be48 in gss_get_mic (minor=<optimized out>,
> ctx=<optimized out>, qop_req=<optimized out>,
> message_buffer=<optimized out>, message_token=0x7fffffffdf50)
> at get_mic.c:104
> major = <optimized out>
> iov = {{type = 1, buffer = {length = 3, value = 0x5555557a8720}}, {
> type = 65548, buffer = {length = 0, value = 0x0}}}
> #3 0x00007ffff7bacce4 in gss_get_mic (
> minor_status=minor_status@entry=0x7fffffffdef8,
> context_handle=0x55555575a080, qop_req=qop_req@entry=0,
> message_buffer=message_buffer@entry=0x7fffffffdf40,
> msg_token=msg_token@entry=0x7fffffffdf50) at g_sign.c:101
> status = 0
> ctx = 0x55555575a080
> mech = 0x5555557a1ff0
> #4 0x000055555555662a in sign_server (s=s@entry=8,
> server_creds=<optimized out>, export=export@entry=0) at gss-server.c:519
> client_name = {length = 0, value = 0x5555557acbc0}
> recv_buf = {length = 63, value = 0x0}
> unwrap_buf = {length = 3, value = 0x5555557a8720}
> mic_buf = {length = 0, value = 0x0}
> msg_buf = 0x7fffffffdf40
> send_buf = <optimized out>
> context = 0x55555575a080
> maj_stat = <optimized out>
> min_stat = 0
> i = <optimized out>
> conf_state = 1
> ret_flags = 382
> cp = <optimized out>
> token_flags = 228
> send_flags = <optimized out>
> #5 0x0000555555555bea in worker_bee (param=0x55555575a060) at gss-server.c:640
> work = 0x55555575a060
> #6 main (argc=<optimized out>, argv=<optimized out>) at gss-server.c:779
> work = 0x55555575a060
> service_name = <optimized out>
> server_creds = 0x55555575c460
> min_stat = 1
> port = <optimized out>
> once = 0
> do_inetd = 0
> export = 0
> (gdb)
> -- ends --
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/moonshot/+bug/1561533/+subscriptions

--
www.lukehoward.com
soundcloud.com/lukehoward