Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 5 product line. The current stable release is 5.10. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 446844

Summary: in.authd gives strange response, segfaults
Product: Red Hat Enterprise Linux 5 Reporter: Tor Ake Fransson <tor-ake>
Component: authdAssignee: Roman Rakus <rrakus>
Status: CLOSED ERRATA QA Contact:
Severity: high Docs Contact:
Priority: low    
Version: 5.1CC: msusta, rvokal, sghosh, tsmetana
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-04-22 12:52:04 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Corrected va_{start, end} calls none

Description Tor Ake Fransson 2008-05-16 13:03:18 UTC 
Description of problem:
in.authd gives strange response, segfaults

Version-Release number of selected component (if applicable):
1.4.3-9

How reproducible:
Erronous response intermittent, segfaults when enabling debug

Steps to Reproduce (segfault):
1. Configure xinetd auth service as per default, but change -E to -l0x0 and add
the -d (debug flag)
2. Reload xinetd
3. From another machine, printf "42402,5433"|nc server 113
  
Actual results:
kernel: in.authd[9790]: segfault at 0000000000001538 rip 0000003f04c
76170 rsp 00007fff30cc2478 error 4 in /var/log/messages

Expected results:
42402 , 5433 : ERROR :NO-USER


Additional info:
When using postgres (8.2.6) identd authentication, the following sporadically
appears in pg_log:
CESTLOG:  invalidly formatted response from Ident server: "49795 , 
5432 : ERROR :trans

"trans" is the user trying to connect, and if in.authd finds the port pair and
the user, the response should be "49795 , 5432 : USERID : Linux :trans", but an
eror flag is set somewhere inside authd.c.
Comment 1 Roman Rakus 2008-05-21 13:26:24 UTC 
Bad work with valist. va_start and va_end must be called twice.
Comment 2 Roman Rakus 2008-05-21 13:27:34 UTC 
Created attachment 306246 [details]
Corrected va_{start, end} calls
Comment 3 Tor Ake Fransson 2008-06-11 12:09:05 UTC 
After replacing authd with gidentd it is apparent that the latter case when
authd responds "port,port : ERROR :user" (found a valid user but error flag is
set) is due to a corner case when get_info first fails at authd.c:894, setting
the out.error flag (and putting error information in out.s) and then succeeds in
one of the retries, replacing the out.s error message with the username but not
clearing out.error.

There are several places in get_info() where setting out->error is done without
logging a warning, so there is currently no way of knowing what actually went
wrong, as out.s is overwritten.
Comment 4 RHEL Program Management 2008-07-21 23:02:34 UTC 
This request was evaluated by Red Hat Product Management for
inclusion, but this component is not scheduled to be updated in
the current Red Hat Enterprise Linux release. If you would like
this request to be reviewed for the next minor release, ask your
support representative to set the next rhel-x.y flag to "?".
Comment 7 Roman Rakus 2009-03-31 11:32:33 UTC 
Fixed in authd-1.4.3-10
Comment 11 errata-xmlrpc 2009-04-22 12:52:04 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0442.html