[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3910) smbk5pwd and heimdal 0.7 is coredumping

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#3910) smbk5pwd and heimdal 0.7 is coredumping
From: hyc@symas.com
Date: Tue, 2 Aug 2005 00:25:53 GMT

pfnguyen@best.com wrote:
>  I've recently installed Heimdal 0.7 fresh along with smbk5pwd, but I
>  cannot get smbk5pwd to load (sigsegv in slapd).  I am able to
>  successfully init the realm and a test key into LDAP using kadmin -l.
>  I've also run /usr/heimdal/bin/kstash to get a key stored into
>  /var/heimdal/m-key, and the permissions are usable such that the user
>  running slapd can read it.

As I noted on the Heimdal list, this code was written for Heimdal 0.5. 
We can address any patches needed for compatibility with 0.7 in this ITS.

>  Is there a compatibility problem with the newer versions of Heimdal?
>  When did the rename of master_key_set to hdb_master_key_set occur?
>  Does anything else need to be changed for smbk5pwd to work with the
>  latest versions of Heimdal krb5?

>  Some additional investigations indicates that context is not properly
>  getting initialized during the call to krb5_init_context in
>  smbk5pwd_init (for example, context->mutex is not getting set):
>
>  Breakpoint 4, smbk5pwd_init () at smbk5pwd.c:521 521             ret
>  = krb5_init_context(&context); (gdb) n 522             if (ret) {
>  (gdb) print ((krb5_context) context)->mutex $2 = (void *) 0x0
>
>  Some similar code that is in add-random-users.c of the heimdal
>  distribution also calls krb5_init_context and
>  kadm5_s_init_with_password_ctx, in this instance context->mutex is
>  getting initialized.  The code on both sides appears to be
>  "identical"
>
>  Breakpoint 2, main (argc=0, argv=Variable "argv" is not available. )
>  at add-random-users.c:118 118         ret =
>  krb5_init_context(&context); (gdb) n 119         if (ret) (gdb) 121
>  ret = kadm5_s_init_with_password_ctx(context, (gdb) s
>  kadm5_s_init_with_password_ctx (context=0x8f8a008,
>  client_name=0x80490af "kadmin/admin", password=0x0,
>  service_name=0x80490af "kadmin/admin", realm_params=0x1,
>  struct_version=1, api_version=1, server_handle=0x1) at init_s.c:94 94
>  return kadm5_s_init_with_context(context, (gdb) print context->mutex
>  $2 = (void *) 0x8f8a190
>
>  Are there any sort of compile flags to smbk5pwd that prevents
>  krb5_init_context from working properly?

This appears to be an issue in the Heimdal library, and you should 
continue investigating this on the Heimdal mailing list. There is no 
reason the same library call should work for add-random-users but fail 
for smbk5pwd, and there is no other parameter besides the context 
pointer itself for the krb5_init_context call, so there's nothing more 
we can control from the smbk5pwd side of things.

-- 
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/

Prev by Date: Re: (ITS#3908) Assertion in ber_get_next
Next by Date: (ITS#3912) TLS included when not configured
Index(es):
- Chronological
- Thread