I will take a look.
> On 25 Mar 2016, at 12:27 AM, Sam Hartman <email address hidden> wrote: > > Luke, it may be that one of your Heimdal commits broke MIT. I will try > to get to this before leaving Painless next week, else someone on our > side will look into this. > > -- > You received this bug notification because you are subscribed to the bug > report. > Matching subscriptions: Moonshot Drivers > https://bugs.launchpad.net/bugs/1561533 > > Title: > crash after authentication on centos7 with master > > Status in Project Moonshot: > Confirmed > > Bug description: > According to Stefan and Alex, if built with a1264ef then you get a coredump on centos7. Interestingly, the stack trace doesn't > include any of our code, but instead fails in the krb5 library. However, with 28dcddb things work fine. > I have not tested this yet; it may well be generic with MIT krb5 and not Centos-specific. > From Stefan: > > Starting program: /usr/sbin/gss-server host@localhost > [Thread debugging using libthread_db enabled] > Using host libthread_db library "/lib64/libthread_db.so.1". > starting... > 2016-03-24 11:29:03 CRIT XMLTooling.Config : libcurl lacks OpenSSL-specific options, this will greatly limit functionality > [New Thread 0x7fffe7896700 (LWP 52402)] > [New Thread 0x7fffe7095700 (LWP 52403)] > [New Thread 0x7fffe6894700 (LWP 52404)] > context flag: GSS_C_MUTUAL_FLAG > context flag: GSS_C_REPLAY_FLAG > context flag: GSS_C_SEQUENCE_FLAG > context flag: GSS_C_CONF_FLAG > context flag: GSS_C_INTEG_FLAG > Attribute urn:ietf:params:gss:radius-attribute 79 Authenticated Complete > > > 03070004 > > Attribute urn:ietf:params:gss:radius-attribute 80 Authenticated > Complete > > > 5de105afdca56834f6fd86330e95ffd0 > > Accepted connection: "" > Received message: "boo" > > Program received signal SIGSEGV, Segmentation fault. > kg_seal_iov (minor_status=0x7fffffffdef8, context_handle=0x0, conf_req_flag=0, > qop_req=0, conf_state=0x0, iov=0x7fffffffdd90, iov_count=2, toktype=257) > at k5sealiov.c:284 > 284 if (ctx->terminated || !ctx->established) { > (gdb) bt full > #0 kg_seal_iov (minor_status=0x7fffffffdef8, context_handle=0x0, > conf_req_flag=0, qop_req=0, conf_state=0x0, iov=0x7fffffffdd90, > iov_count=2, toktype=257) at k5sealiov.c:284 > ctx = <optimized out> > #1 0x00007ffff7bbd24f in krb5_gss_get_mic_iov (minor_status=<optimized out>, > context_handle=<optimized out>, qop_req=<optimized out>, > iov=<optimized out>, iov_count=<optimized out>) at k5sealiov.c:537 > major_status = <optimized out> > #2 0x00007ffff571be48 in gss_get_mic (minor=<optimized out>, > ctx=<optimized out>, qop_req=<optimized out>, > message_buffer=<optimized out>, message_token=0x7fffffffdf50) > at get_mic.c:104 > major = <optimized out> > iov = {{type = 1, buffer = {length = 3, value = 0x5555557a8720}}, { > type = 65548, buffer = {length = 0, value = 0x0}}} > #3 0x00007ffff7bacce4 in gss_get_mic ( > minor_status=minor_status@entry=0x7fffffffdef8, > context_handle=0x55555575a080, qop_req=qop_req@entry=0, > message_buffer=message_buffer@entry=0x7fffffffdf40, > msg_token=msg_token@entry=0x7fffffffdf50) at g_sign.c:101 > status = 0 > ctx = 0x55555575a080 > mech = 0x5555557a1ff0 > #4 0x000055555555662a in sign_server (s=s@entry=8, > server_creds=<optimized out>, export=export@entry=0) at gss-server.c:519 > client_name = {length = 0, value = 0x5555557acbc0} > recv_buf = {length = 63, value = 0x0} > unwrap_buf = {length = 3, value = 0x5555557a8720} > mic_buf = {length = 0, value = 0x0} > msg_buf = 0x7fffffffdf40 > send_buf = <optimized out> > context = 0x55555575a080 > maj_stat = <optimized out> > min_stat = 0 > i = <optimized out> > conf_state = 1 > ret_flags = 382 > cp = <optimized out> > token_flags = 228 > send_flags = <optimized out> > #5 0x0000555555555bea in worker_bee (param=0x55555575a060) at gss-server.c:640 > work = 0x55555575a060 > #6 main (argc=<optimized out>, argv=<optimized out>) at gss-server.c:779 > work = 0x55555575a060 > service_name = <optimized out> > server_creds = 0x55555575c460 > min_stat = 1 > port = <optimized out> > once = 0 > do_inetd = 0 > export = 0 > (gdb) > -- ends -- > > To manage notifications about this bug go to: > https://bugs.launchpad.net/moonshot/+bug/1561533/+subscriptions
-- www.lukehoward.com soundcloud.com/lukehoward
I will take a look.
> On 25 Mar 2016, at 12:27 AM, Sam Hartman <email address hidden> wrote: /bugs.launchpad .net/bugs/ 1561533 gss-server host@localhost libthread_ db.so.1" . params: gss:radius- attribute 79 Authenticated Complete params: gss:radius- attribute 80 Authenticated 4f6fd86330e95ff d0 status= 0x7fffffffdef8, context_handle=0x0, conf_req_flag=0, status= 0x7fffffffdef8, context_handle=0x0, get_mic_ iov (minor_ status= <optimized out>, handle= <optimized out>, qop_req=<optimized out>, <optimized out>) at k5sealiov.c:537 buffer= <optimized out>, message_ token=0x7ffffff fdf50) minor_status@ entry=0x7ffffff fdef8, handle= 0x55555575a080, qop_req= qop_req@ entry=0, buffer= message_ buffer@ entry=0x7ffffff fdf40, msg_token@ entry=0x7ffffff fdf50) at g_sign.c:101 creds=< optimized out>, export= export@ entry=0) at gss-server.c:519 0x55555575a060) at gss-server.c:640 /bugs.launchpad .net/moonshot/ +bug/1561533/ +subscriptions
>
> Luke, it may be that one of your Heimdal commits broke MIT. I will try
> to get to this before leaving Painless next week, else someone on our
> side will look into this.
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> Matching subscriptions: Moonshot Drivers
> https:/
>
> Title:
> crash after authentication on centos7 with master
>
> Status in Project Moonshot:
> Confirmed
>
> Bug description:
> According to Stefan and Alex, if built with a1264ef then you get a coredump on centos7. Interestingly, the stack trace doesn't
> include any of our code, but instead fails in the krb5 library. However, with 28dcddb things work fine.
> I have not tested this yet; it may well be generic with MIT krb5 and not Centos-specific.
> From Stefan:
>
> Starting program: /usr/sbin/
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib64/
> starting...
> 2016-03-24 11:29:03 CRIT XMLTooling.Config : libcurl lacks OpenSSL-specific options, this will greatly limit functionality
> [New Thread 0x7fffe7896700 (LWP 52402)]
> [New Thread 0x7fffe7095700 (LWP 52403)]
> [New Thread 0x7fffe6894700 (LWP 52404)]
> context flag: GSS_C_MUTUAL_FLAG
> context flag: GSS_C_REPLAY_FLAG
> context flag: GSS_C_SEQUENCE_FLAG
> context flag: GSS_C_CONF_FLAG
> context flag: GSS_C_INTEG_FLAG
> Attribute urn:ietf:
>
>
> 03070004
>
> Attribute urn:ietf:
> Complete
>
>
> 5de105afdca5683
>
> Accepted connection: ""
> Received message: "boo"
>
> Program received signal SIGSEGV, Segmentation fault.
> kg_seal_iov (minor_
> qop_req=0, conf_state=0x0, iov=0x7fffffffdd90, iov_count=2, toktype=257)
> at k5sealiov.c:284
> 284 if (ctx->terminated || !ctx->established) {
> (gdb) bt full
> #0 kg_seal_iov (minor_
> conf_req_flag=0, qop_req=0, conf_state=0x0, iov=0x7fffffffdd90,
> iov_count=2, toktype=257) at k5sealiov.c:284
> ctx = <optimized out>
> #1 0x00007ffff7bbd24f in krb5_gss_
> context_
> iov=<optimized out>, iov_count=
> major_status = <optimized out>
> #2 0x00007ffff571be48 in gss_get_mic (minor=<optimized out>,
> ctx=<optimized out>, qop_req=<optimized out>,
> message_
> at get_mic.c:104
> major = <optimized out>
> iov = {{type = 1, buffer = {length = 3, value = 0x5555557a8720}}, {
> type = 65548, buffer = {length = 0, value = 0x0}}}
> #3 0x00007ffff7bacce4 in gss_get_mic (
> minor_status=
> context_
> message_
> msg_token=
> status = 0
> ctx = 0x55555575a080
> mech = 0x5555557a1ff0
> #4 0x000055555555662a in sign_server (s=s@entry=8,
> server_
> client_name = {length = 0, value = 0x5555557acbc0}
> recv_buf = {length = 63, value = 0x0}
> unwrap_buf = {length = 3, value = 0x5555557a8720}
> mic_buf = {length = 0, value = 0x0}
> msg_buf = 0x7fffffffdf40
> send_buf = <optimized out>
> context = 0x55555575a080
> maj_stat = <optimized out>
> min_stat = 0
> i = <optimized out>
> conf_state = 1
> ret_flags = 382
> cp = <optimized out>
> token_flags = 228
> send_flags = <optimized out>
> #5 0x0000555555555bea in worker_bee (param=
> work = 0x55555575a060
> #6 main (argc=<optimized out>, argv=<optimized out>) at gss-server.c:779
> work = 0x55555575a060
> service_name = <optimized out>
> server_creds = 0x55555575c460
> min_stat = 1
> port = <optimized out>
> once = 0
> do_inetd = 0
> export = 0
> (gdb)
> -- ends --
>
> To manage notifications about this bug go to:
> https:/
-- com/lukehoward
www.lukehoward.com
soundcloud.