Bug 869150
| Summary: | ldap_child crashes on using invalid keytab during gssapi connection | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Kaushik Banerjee <kbanerje> |
| Component: | sssd | Assignee: | Jakub Hrozek <jhrozek> |
| Status: | CLOSED ERRATA | QA Contact: | Kaushik Banerjee <kbanerje> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | high | ||
| Version: | 6.4 | CC: | dpal, grajaiya, jgalipea, pbrezina |
| Target Milestone: | rc | Keywords: | Regression |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | sssd-1.9.2-5.el6 | Doc Type: | Bug Fix |
| Doc Text: |
No Documentation Needed
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-02-21 09:38:03 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Upstream ticket: https://fedorahosted.org/sssd/ticket/1594 Fixed upstream. Verified in version 1.9.2-7 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: bz869150 ldap_child crashes when keytab file is missing :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Stopping sssd: [ OK ] :: [ PASS ] :: Running 'service sssd stop' :: [ PASS ] :: Running 'rm -fr /var/lib/sss/db/*.ldb /var/lib/sss/mc/*' Starting sssd: [ OK ] [ OK ] :: [ PASS ] :: Running 'service sssd start' :: [ PASS ] :: napping for 6 secs... id: puser1: No such user :: [ PASS ] :: File '/var/log/messages' should not contain 'segfault' '8de1dd5b-5d6f-4197-b9a4-b85c7e2c27f9' bz869150-ldap-child-crashes-when-keytab-file-is-missing result: PASS Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0508.html |
Description of problem: ldap_child crashes on using invalid keytab during gssapi connection. Version-Release number of selected component (if applicable): sssd-1.9.2-3.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. Configure sssd for GSSAPI auth. 2. Use an invalid keytab /etc/krb5.keytab 3. Lookup a user or perform user auth. Actual results: Lookup/auth fails. /usr/libexec/sssd/ldap_child crashes. Expected results: Lookup/auth succeeds. Additional info: Backtrace: Core was generated by `/usr/libexec/sssd/ldap_child --debug-microseconds=0 --debug-timestamps=1 --debu'. Program terminated with signal 11, Segmentation fault. #0 __strlen_sse2 () at ../sysdeps/x86_64/strlen.S:32 32 movdqu (%rdi), %xmm1 Thread 1 (Thread 0x7fe59ee2f7c0 (LWP 2661)): #0 __strlen_sse2 () at ../sysdeps/x86_64/strlen.S:32 No locals. #1 0x0000000000404aaf in pack_buffer (r=0x16d89d0, result=0, krberr=0, msg=0x0, expire_time=0) at src/providers/ldap/ldap_child.c:111 len = <value optimized out> p = 0 __FUNCTION__ = "pack_buffer" #2 0x0000000000405f13 in prepare_response (argc=<value optimized out>, argv=<value optimized out>) at src/providers/ldap/ldap_child.c:391 ret = <value optimized out> r = 0x16d89d0 krb5_msg = 0x0 #3 main (argc=<value optimized out>, argv=<value optimized out>) at src/providers/ldap/ldap_child.c:523 ret = <value optimized out> kerr = 0 opt = <value optimized out> debug_fd = 18 pc = <value optimized out> main_ctx = 0x16d7410 buf = <value optimized out> len = <value optimized out> ccname = 0x0 expire_time = 0 ibuf = <value optimized out> resp = 0x0 written = <value optimized out> long_options = {{longName = 0x0, shortName = 0 '\000', argInfo = 4, arg = 0x60ed20, val = 0, descrip = 0x40ce78 "Help options:", argDescrip = 0x0}, {longName = 0x40ce86 "debug-level", shortName = 100 'd', argInfo = 2, arg = 0x60ee08, val = 0, descrip = 0x40ce57 "Debug level", argDescrip = 0x0}, {longName = 0x40ce92 "debug-timestamps", shortName = 0 '\000', argInfo = 2, arg = 0x60ecf4, val = 0, descrip = 0x40ce63 "Add debug timestamps", argDescrip = 0x0}, {longName = 0x40cea3 "debug-microseconds", shortName = 0 '\000', argInfo = 2, arg = 0x60ecf8, val = 0, descrip = 0x40ca18 "Show timestamps with microseconds", argDescrip = 0x0}, {longName = 0x40ceb6 "debug-fd", shortName = 0 '\000', argInfo = 2, arg = 0x7fff984db19c, val = 0, descrip = 0x40ca40 "An open file descriptor for the debug logs", argDescrip = 0x0}, {longName = 0x0, shortName = 0 '\000', argInfo = 0, arg = 0x0, val = 0, descrip = 0x0, argDescrip = 0x0}} __FUNCTION__ = "main"