Red Hat Bugzilla – Bug 214207
Last modified: 2007-11-30 17:11:47 EST
Description of problem:
mod_auth_kerb seems to corrupt the username:
| XXXXXX - ensc@XXXXX [06/Nov/2006:16:55:32 +0100] "GET ...
| XXXXXX - \x02 [06/Nov/2006:16:55:34 +0100]
| ... using cached name , referer: ...
| ... using cached name o_mini.png, ...
This seems to be caused by the -cache patch which does:
| MK_USER = apr_pstrdup(r->pool, output_token.value);
| rv = apr_pool_userdata_set(r->user, NAMEKEY, NULL, r->connection->pool);
| if (apr_pool_userdata_get(&data, NAMEKEY, r->connection->pool) == APR_SUCCESS
When having a multi-request connection, the 'r->pool' might be freed
while the 'r->connection->pool' is still alive and returns corrupted
I suggest to write
|- MK_USER = apr_pstrdup(r->pool, output_token.value);
|+ MK_USER = apr_pstrdup(r->connection->pool, output_token.value);
which seems to fix the problem for me.
Version-Release number of selected component (if applicable):
Good catch, thanks!
This bug was fixed in today's update for FC5, but it remains open for FC6. I can
confirm that rebuilding 5.3-2 under FC6 solves the problem (it was triggering
very bizarre error messages from Subversion for us). Please release an official
FC6 package as well.
Ah, sorry, I forgot to hit the "push" button on the FC6 update yesterday, it's
on its way now.
mod_auth_kerb-5.3-2.fc6 has been pushed for fc6, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.