Bug 734098

Summary: mod_auth_kerb threading problems
Product: Red Hat Enterprise Linux 5 Reporter: Tomas Herfert <therfert>
Component: mod_auth_kerbAssignee: Joe Orton <jorton>
Status: CLOSED ERRATA QA Contact: Zbysek MRAZ <zmraz>
Severity: high Docs Contact:
Priority: high    
Version: 5.7CC: ebenes, jpallich, lmiksik, mschick, msvoboda, omoris, rwilliam, syeghiay, vjuranek
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
The mod_auth_kerb module did not use the Kerberos libraries in a thread-safe way. Therefore, if mod_auth_kerb ran under a multi-threaded Apache HTTP Server, authentication requests could terminate unexpectedly with a segmentation fault. With this update, the thread-safety problem has been fixed, and thread crashes no longer occur under these circumstances.
 Story Points: ---
Clone Of:
: 1298123 1332249 (view as bug list) Environment:
Last Closed: 2013-01-08 07:32:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 783228    
Attachments:
Description Flags
error_log.gz none

Description Tomas Herfert 2011-08-29 13:06:15 UTC 
Created attachment 520390 [details]
error_log.gz

Description of problem:
mod_auth_kerb doesn't work properly with worker MPM.

There are the following errors in the log (please find whole error_log attached):

[Mon Aug 29 08:23:55 2011] [notice] child pid 12884 exit signal Bus error (7)
[Mon Aug 29 08:23:57 2011] [notice] child pid 12938 exit signal Segmentation fault (11)
[Mon Aug 29 08:24:02 2011] [notice] child pid 12968 exit signal Segmentation fault (11)
[Mon Aug 29 08:24:03 2011] [notice] child pid 12970 exit signal Segmentation fault (11)
*** glibc detected *** /usr/sbin/httpd.worker: double free or corruption (fasttop): 0x00002aaabc000fe0 ***
======= Backtrace: =========
/lib64/libc.so.6[0x2af75241c45f]
/lib64/libc.so.6(cfree+0x4b)[0x2af75241c8bb]
/usr/lib64/libkrb5.so.3[0x2af75378a9e8]
/etc/httpd/modules/mod_auth_kerb.so[0x2af75ab5520e]
/usr/sbin/httpd.worker(ap_run_check_user_id+0x72)[0x2af7504a3652]
/usr/sbin/httpd.worker(ap_process_request_internal+0x237)[0x2af7504a4857]
/usr/sbin/httpd.worker(ap_process_request+0x198)[0x2af7504b6058]
/usr/sbin/httpd.worker[0x2af7504b32a0]
/usr/sbin/httpd.worker(ap_run_process_connection+0x72)[0x2af7504af632]
/usr/sbin/httpd.worker[0x2af7504baaf7]
/lib64/libpthread.so.0[0x2af751f9073d]
/lib64/libc.so.6(clone+0x6d)[0x2af75247e4bd]
======= Memory map: ========


Version-Release number of selected component (if applicable):
mod_auth_kerb-5.1-3.el5
httpd-2.2.3-53.el5


How reproducible:
MPM worker, mod_auth_kerb authentication with "KrbMethodK5Passwd on". 

ab -n 1000 -c 100 -A username:password http://hostname/

Actual results:
Lot of "Failed requests" in the ab's output. Server error_log is full of errors.

If user try to open real page (with images, styles etc.) in browser, it looks broken - lot of images are missing etc.

Expected results:
No failed requests. No errors in the error_log.

Additional info:
It seems to be fixed in upstream since Oct 2 2008:
http://modauthkerb.cvs.sourceforge.net/viewvc/modauthkerb/mod_auth_kerb/src/mod_auth_kerb.c?r1=1.141&r2=1.142
Comment 1 Vojtech Juranek 2011-09-23 19:40:06 UTC 
Hi, any progress with this issue? It's a blocker for us.
Thanks
Vojtech
Comment 7 Miroslav Svoboda 2012-01-23 15:39:05 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
The mod_auth_kerb module did not use the Kerberos libraries in a thread-safe way. Therefore, if mod_auth_kerb ran under a multi-threaded Apache HTTP Server, authentication requests could terminate unexpectedly with a segmentation fault. With this update, the thread-safety problem has been fixed, and thread crashes no longer occur under these circumstances.
Comment 12 errata-xmlrpc 2013-01-08 07:32:11 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-0078.html