Bug 869150 - ldap_child crashes on using invalid keytab during gssapi connection
ldap_child crashes on using invalid keytab during gssapi connection
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: sssd (Show other bugs)
6.4
Unspecified Unspecified
high Severity unspecified
: rc
: ---
Assigned To: Jakub Hrozek
Kaushik Banerjee
: Regression
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-10-23 03:15 EDT by Kaushik Banerjee
Modified: 2013-06-03 10:20 EDT (History)
4 users (show)

See Also:
Fixed In Version: sssd-1.9.2-5.el6
Doc Type: Bug Fix
Doc Text:
No Documentation Needed
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-21 04:38:03 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Kaushik Banerjee 2012-10-23 03:15:39 EDT
Description of problem:
ldap_child crashes on using invalid keytab during gssapi connection.

Version-Release number of selected component (if applicable):
sssd-1.9.2-3.el6.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Configure sssd for GSSAPI auth.

2. Use an invalid keytab /etc/krb5.keytab

3. Lookup a user or perform user auth.
  
Actual results:
Lookup/auth fails. /usr/libexec/sssd/ldap_child crashes.

Expected results:
Lookup/auth succeeds.

Additional info:
Backtrace:
Core was generated by `/usr/libexec/sssd/ldap_child --debug-microseconds=0 --debug-timestamps=1 --debu'.
Program terminated with signal 11, Segmentation fault.
#0  __strlen_sse2 () at ../sysdeps/x86_64/strlen.S:32
32		movdqu	(%rdi), %xmm1

Thread 1 (Thread 0x7fe59ee2f7c0 (LWP 2661)):
#0  __strlen_sse2 () at ../sysdeps/x86_64/strlen.S:32
No locals.
#1  0x0000000000404aaf in pack_buffer (r=0x16d89d0, result=0, krberr=0, msg=0x0, expire_time=0) at src/providers/ldap/ldap_child.c:111
        len = <value optimized out>
        p = 0
        __FUNCTION__ = "pack_buffer"
#2  0x0000000000405f13 in prepare_response (argc=<value optimized out>, argv=<value optimized out>) at src/providers/ldap/ldap_child.c:391
        ret = <value optimized out>
        r = 0x16d89d0
        krb5_msg = 0x0
#3  main (argc=<value optimized out>, argv=<value optimized out>) at src/providers/ldap/ldap_child.c:523
        ret = <value optimized out>
        kerr = 0
        opt = <value optimized out>
        debug_fd = 18
        pc = <value optimized out>
        main_ctx = 0x16d7410
        buf = <value optimized out>
        len = <value optimized out>
        ccname = 0x0
        expire_time = 0
        ibuf = <value optimized out>
        resp = 0x0
        written = <value optimized out>
        long_options = {{longName = 0x0, shortName = 0 '\000', argInfo = 4, arg = 0x60ed20, val = 0, descrip = 0x40ce78 "Help options:", argDescrip = 0x0}, {longName = 0x40ce86 "debug-level", shortName = 100 'd', argInfo = 2, arg = 0x60ee08, val = 0, descrip = 0x40ce57 "Debug level", argDescrip = 0x0}, {longName = 0x40ce92 "debug-timestamps", shortName = 0 '\000', argInfo = 2, arg = 0x60ecf4, val = 0, descrip = 0x40ce63 "Add debug timestamps", argDescrip = 0x0}, {longName = 0x40cea3 "debug-microseconds", shortName = 0 '\000', argInfo = 2, arg = 0x60ecf8, val = 0, descrip = 0x40ca18 "Show timestamps with microseconds", argDescrip = 0x0}, {longName = 0x40ceb6 "debug-fd", shortName = 0 '\000', argInfo = 2, arg = 0x7fff984db19c, val = 0, descrip = 0x40ca40 "An open file descriptor for the debug logs", argDescrip = 0x0}, {longName = 0x0, shortName = 0 '\000', argInfo = 0, arg = 0x0, val = 0, descrip = 0x0, argDescrip = 0x0}}
        __FUNCTION__ = "main"
Comment 2 Jakub Hrozek 2012-10-23 06:24:38 EDT
Upstream ticket:
https://fedorahosted.org/sssd/ticket/1594
Comment 4 Jakub Hrozek 2012-10-24 12:26:32 EDT
Fixed upstream.
Comment 7 Kaushik Banerjee 2012-11-09 06:22:29 EST
Verified in version 1.9.2-7

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:: [   LOG    ] :: bz869150 ldap_child crashes when keytab file is missing
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Stopping sssd: [  OK  ]
:: [   PASS   ] :: Running 'service sssd stop'
:: [   PASS   ] :: Running 'rm -fr /var/lib/sss/db/*.ldb /var/lib/sss/mc/*'
Starting sssd: [  OK  ]
[  OK  ]
:: [   PASS   ] :: Running 'service sssd start'
:: [   PASS   ] :: napping for 6 secs...
id: puser1: No such user
:: [   PASS   ] :: File '/var/log/messages' should not contain 'segfault'
'8de1dd5b-5d6f-4197-b9a4-b85c7e2c27f9'
bz869150-ldap-child-crashes-when-keytab-file-is-missing result: PASS
Comment 8 errata-xmlrpc 2013-02-21 04:38:03 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0508.html

Note You need to log in before you can comment on or make changes to this bug.