Description of problem: mod_auth_kerb seems to corrupt the username: | XXXXXX - ensc@XXXXX [06/Nov/2006:16:55:32 +0100] "GET ... | XXXXXX - \x02 [06/Nov/2006:16:55:34 +0100] Logfile shows | ... using cached name , referer: ... | ... using cached name o_mini.png, ... like entries. This seems to be caused by the -cache patch which does: | MK_USER = apr_pstrdup(r->pool, output_token.value); | ... | rv = apr_pool_userdata_set(r->user, NAMEKEY, NULL, r->connection->pool); | ---- | if (apr_pool_userdata_get(&data, NAMEKEY, r->connection->pool) == APR_SUCCESS When having a multi-request connection, the 'r->pool' might be freed while the 'r->connection->pool' is still alive and returns corrupted memory. I suggest to write |- MK_USER = apr_pstrdup(r->pool, output_token.value); |+ MK_USER = apr_pstrdup(r->connection->pool, output_token.value); which seems to fix the problem for me. Version-Release number of selected component (if applicable): mod_auth_kerb-5.1-3
Good catch, thanks!
This bug was fixed in today's update for FC5, but it remains open for FC6. I can confirm that rebuilding 5.3-2 under FC6 solves the problem (it was triggering very bizarre error messages from Subversion for us). Please release an official FC6 package as well.
Ah, sorry, I forgot to hit the "push" button on the FC6 update yesterday, it's on its way now.
mod_auth_kerb-5.3-2.fc6 has been pushed for fc6, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.