From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.7) Gecko/20050509 Fedora/1.0.3-5 Firefox/1.0.3 Description of problem: I am testing nfsv4 with sec=krb5 where the kerberos server is Active Directory. It seems that the AP-REQ ticket is too big for rpc.svcgssd process (1196 bytes I think) which reports the errors May 10 12:57:14 xxx rpc.svcgssd[1919]: WARNING: gss_accept_sec_context failed May 10 12:57:14 xxx rpc.svcgssd[1919]: ERROR: GSS-API: error in handle_nullreq: gss_accept_sec_context(): A token was invalid - Token header is malformed or corrupt then crashes. If I increase the size of the token buffer (see the patch I will attach) then nfsv4 starts working, but rpc.svcgssd shouldn't crash if it gets tokens it doesn't like. Version-Release number of selected component (if applicable): nfs-utils-1.0.7-6 How reproducible: Always Steps to Reproduce: 1. Send a big AP-REQ token to rpc.svcgssd Additional info:
Created attachment 114288 [details] Patch to increase a buffer size and avoid the problem
thanks for the patch! The should be fixed in nfs-utils-1.0.7-7
Closing bugs in MODIFIED state from prior Fedora releases. If this bug persists in a current Fedora release (such as Fedora Core 5 or later), please reopen and set the version appropriately.