kpropd -S -P <port> fails to use specified port

Bug #801718 reported by Monestri
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
krb5 (Debian)
Fix Released
Unknown
krb5 (Ubuntu)
Medium
Unassigned

Bug Description

This prevents people from using multiple kpropd instances on standalone mode. It seems as though getaddrinfo is using kprop_service, instead 0f the -P port specified.

Running Ubuntu 10.10
1.8.1+dfsg-5ubuntu0.7 0

ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: krb5-kdc 1.8.1+dfsg-5ubuntu0.7
ProcVersionSignature: Ubuntu 2.6.35-28.50-generic 2.6.35.11
Uname: Linux 2.6.35-28-generic x86_64
Architecture: amd64
Date: Fri Jun 24 15:20:20 2011
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: krb5

Revision history for this message
Monestri (monestri) wrote :
Revision history for this message
Taylor Yu (tlyu) wrote :

This bug originates from a Debian patch to krb5-1.8 that adds IPv6 support to kpropd. The Debian version of krb5-1.9 doesn't have this problem. It is probably not difficult to fix Debian's krb5-1.8 patch, but this should probably be coordinated with the Debian maintainers.

Revision history for this message
Dave Walker (davewalker) wrote :

This needs to be triaged to check that it is fixed in Oneiric (current development version), which has 1.9.1+dfsg-1ubuntu1.

One this is confirmed, the change (either with distro patches) or upstream resolution that fixed this needs to be identified.

Thanks.

Revision history for this message
Sam Hartman (hartmans) wrote : Re: [Bug 801718] Re: kpropd -S -P <port> fails to use specified port

>>>>> "Tom" == Tom Yu <email address hidden> writes:

    Tom> This bug originates from a Debian patch to krb5-1.8 that adds
    Tom> IPv6 support to kpropd. The Debian version of krb5-1.9 doesn't
    Tom> have this problem. It is probably not difficult to fix Debian's
    Tom> krb5-1.8 patch, but this should probably be coordinated with
    Tom> the Debian maintainers.

It's not the kind of fix that would make it into Debian stable, so
there's really no Debian issue here.

Revision history for this message
Taylor Yu (tlyu) wrote :

Dave Walker <email address hidden> writes:

> One this is confirmed, the change (either with distro patches) or
> upstream resolution that fixed this needs to be identified.

Upstream has no resolution for this problem as such; we implemented
IPv6 support for kpropd in krb5-1.9 based on the patch that Debian
used for 1.8.1+dfsg-1, but we did not introduce this particular bug
while doing so. It might be possible to backport to krb5-1.8.x our
krb5-1.9 changes that implement IPv6 support for kpropd, but I'm not
sure how difficult that would be.

Revision history for this message
Monestri (monestri) wrote :

kprop is also broken:

13:24 < safire> strace kprop -r A.EXAMPLE.COM -P 8888 -f /tmp/db slave
13:24 < safire> connect(4, {sa_family=AF_INET, sin_port=htons(754), sin_addr=inet_addr("172.24.3.72")}, 16) = 0

Clearly.. it's not even trying to connect on the port I'm specifying.

End result: Multiple realms on one server are impossible as long as one uses kprop as a propegation method.

Revision history for this message
Taylor Yu (tlyu) wrote :

Monestri <email address hidden> writes:

> kprop is also broken:
>
> 13:24 < safire> strace kprop -r A.EXAMPLE.COM -P 8888 -f /tmp/db slave
> 13:24 < safire> connect(4, {sa_family=AF_INET, sin_port=htons(754), sin_addr=inet_addr("172.24.3.72")}, 16) = 0
>
> Clearly.. it's not even trying to connect on the port I'm specifying.

Yes, by inspection, the patch to slave/kprop.c in the Debian patch
file for 1.8.1 has the same bug as the patch for slave/kpropd.c.

Dave Walker (davewalker)
Changed in krb5 (Ubuntu):
importance: Undecided → Medium
status: New → Confirmed
Changed in krb5 (Debian):
status: Unknown → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.