Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1043962

Summary: Backport fixes from upstream
Product: Red Hat Enterprise Linux 7 Reporter: Simo Sorce <ssorce>
Component: krb5Assignee: Nalin Dahyabhai <nalin>
Status: CLOSED CURRENTRELEASE QA Contact: Patrik Kis <pkis>
Severity: high Docs Contact:
Priority: high    
Version: 7.0CC: dpal, ksrot, pkis, ssorce
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: krb5-1.11.3-40.el7 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-13 11:40:39 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Simo Sorce 2013-12-17 14:09:10 UTC 
A couple of memleaks and interoperability issues were recently fixed upstream that affect spnego (and therefore HTTP Negotiate) code.

Please backport the following commits:

Interop issue:
- 13fd26e1863c79f616653f6a10a58c01f65fceff
    Avoid malloc(0) in SPNEGO get_input_token

- 37af638b742dbd642eb70092e4f7781c3f69d86d
    Fix SPNEGO one-hop interop against old IIS

Memleaks:
- 1cda48a7ed4069cfc052f974ec3d76a9137c8c5a
    Fix memory leak in SPNEGO initiator 

- decccbcb5075f8fbc28a535a9b337afc84a15dee
    Fix GSS krb5 acceptor acquire_cred error handling
Comment 3 Simo Sorce 2013-12-18 13:35:37 UTC 
Check for presence will suffice
Comment 4 Nalin Dahyabhai 2013-12-18 22:12:53 UTC 
I'd like to add https://github.com/krb5/krb5/commit/c452644d91d57d8b05ef396a029e34d0c7a48920 to this list, if that's still an option.  From out-of-band conversations, I'm given to understand that the freeradius package uses the function that it fixes.
Comment 5 Nalin Dahyabhai 2013-12-18 22:25:20 UTC 
(In reply to Nalin Dahyabhai from comment #4)
> I'd like to add
> https://github.com/krb5/krb5/commit/c452644d91d57d8b05ef396a029e34d0c7a48920
> to this list, if that's still an option.  From out-of-band conversations,
> I'm given to understand that the freeradius package uses the function that
> it fixes.

Never mind this bit; we now have bug #1044739 to track it.
Comment 6 Simo Sorce 2013-12-18 22:35:43 UTC 
I would like to add this to the list:
https://github.com/krb5/krb5/commit/d160bc733a3dbeb6d84f4e175234ff18738d9f66

It is not really amemleak, but it is yet another issue I fixed in the spnego code after I spent 2 hours diagnosing a problem that would have been obvious if spnego actually did report mechanism errors.

I can open a separate bug if that's better.
Comment 9 Nalin Dahyabhai 2013-12-19 14:45:23 UTC 
(In reply to Simo Sorce from comment #6)
> I would like to add this to the list:
> https://github.com/krb5/krb5/commit/d160bc733a3dbeb6d84f4e175234ff18738d9f66

Okay, I think we'll add that to the set.
Comment 12 Ludek Smid 2014-06-13 11:40:39 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.