RT/krbdev.mit.edu: Ticket #5629 gss_init_sec_context does not release output token buffer when used with spnego mech

 The Basics  
Id: 5629
Status: resolved
Worked: 0 min
Priority: 50/0
Queue: krb5

 Keyword Selections  
Component: krb5-libs
Version_reported: 1.6.1
Version_Fixed: 1.6.3
Target_Version: 1.6.3
Tags: pullup
 

 Dates  
Created: Mon Aug 6 19:43:07 2007
Starts: Not set
Started: Not set
Last Contact: Fri Aug 31 16:55:21 2007
Due: Not set
Updated: Mon Jun 9 03:14:52 2008 by guest
 

 People  
Owner: tlyu
Requestors: huaraz@moeller.plus.com

History
      Mon Aug  6 19:43:09 2007  RT_System - Ticket created    
     
To: krb5-bugs@mit.edu
From: huaraz@moeller.plus.com
Date: Tue,  7 Aug 2007 00:39:07 +0100 (BST)


>Submitter-Id:	net
>Originator:	Markus Moeller
>Organization:  privat
>Confidential:	no
>Synopsis:	gss_init_sec_context does not release output token buffer when used with spnego mech
>Severity:	non-critical
>Priority:	medium
>Category:	krb5-libs
>Class:		sw-bug
>Release:	1.6.1
>Environment:   i686 GNU/Linux
System: Linux OpenSuse 2.6.18.8-0.3-default #1 SMP Tue Apr 17 08:42:35 UTC 2007 i686 i686 i386 GNU/Linux
Architecture: i686

>Description:  When creating gss context for spnego mechanism the output token is not released
>How-To-Repeat: Use following code

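#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <gssapi/gssapi.h>
#include <gssapi/gssapi_generic.h>

/* PROGRAM, LogTime() and check_gss_err() are used below but are not shown
 * in the report; they come from the reporter's program. */

/* SPNEGO mechanism OID 1.3.6.1.5.5.2 */
static gss_OID_desc _gss_mech_spnego  = {6, (void *)"\x2b\x06\x01\x05\x05\x02"};
gss_OID gss_mech_spnego = &_gss_mech_spnego;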

const char *create_token(int spnego, const char *server) {
 OM_uint32 major_status, minor_status;
 gss_ctx_id_t          gss_context = GSS_C_NO_CONTEXT;
 gss_name_t            server_name = GSS_C_NO_NAME;
 gss_buffer_desc       service = GSS_C_EMPTY_BUFFER;
 gss_buffer_desc       input_token = GSS_C_EMPTY_BUFFER;
 gss_buffer_desc       output_token = GSS_C_EMPTY_BUFFER;
 const char   *token = NULL;

  setbuf(stdout,NULL);
  setbuf(stdin,NULL);

  if (!server) {
     fprintf(stderr, "%s| %s: Error: No server name\n", LogTime(), PROGRAM);
     return NULL;
  }

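  service.value = malloc(strlen("HTTP")+strlen(server)+2);
  if (!service.value) {
     /* nothing else has been allocated yet, so returning here is safe */
     fprintf(stderr, "%s| %s: Error: malloc failed\n", LogTime(), PROGRAM);
     return NULL;
  }
  snprintf(service.value,strlen("HTTP")+strlen(server)+2,"%s@%s","HTTP",server);
  service.length = strlen((char *)service.value);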

  major_status = gss_import_name(&minor_status, &service,
                                 gss_nt_service_name, &server_name);

  if (check_gss_err(major_status,minor_status,"gss_import_name()") )
      goto cleanup;
  if (spnego) {
      /* request the SPNEGO mechanism explicitly */
      major_status = gss_init_sec_context(&minor_status,
                                          GSS_C_NO_CREDENTIAL,
                                          &gss_context,
                                          server_name,
                                          gss_mech_spnego,
                                          0,
                                          0,
                                          GSS_C_NO_CHANNEL_BINDINGS,
                                          &input_token,
                                          NULL,
                                          &output_token,
                                          NULL,
                                          NULL);
  } else {
      /* let the library pick its default mechanism */
      major_status = gss_init_sec_context(&minor_status,
                                          GSS_C_NO_CREDENTIAL,
                                          &gss_context,
                                          server_name,
                                          GSS_C_NO_OID,
                                          0,
                                          0,
                                          GSS_C_NO_CHANNEL_BINDINGS,
                                          &input_token,
                                          NULL,
                                          &output_token,
                                          NULL,
                                          NULL);
  }
  if (check_gss_err(major_status,minor_status,"gss_init_sec_context()") )
      goto cleanup;

  if (output_token.length) {

      token = "OK";
  }


cleanup:
  gss_delete_sec_context(&minor_status, &gss_context, NULL);
  gss_release_buffer(&minor_status, &service);
  gss_release_buffer(&minor_status, &input_token);
  gss_release_buffer(&minor_status, &output_token);
  gss_release_name(&minor_status, &server_name);

  return token;
}

int main(int argc, char *argv[]) {

   const char *Token;
   int opt,i=10;
   int spnego=0;

   while (-1 != (opt = getopt(argc, argv, "s"))) {
     switch (opt) {
     case 's':
       spnego = 1;
       break;
     default:
       /* getopt() returns '?' here; the offending character is in optopt */
       fprintf(stderr, "%s| %s: unknown option: -%c.\n", LogTime(), PROGRAM, optopt);
     }
   }

   fprintf(stdout,"Spnego : %d\n",spnego);
   while (i--) {
     Token = create_token(spnego,"w2k3.windows2003.home");
     /* create_token() returns NULL on failure; do not pass NULL to %s */
     fprintf(stdout,"Token: %s\n",Token ? Token : "(none)");
   }
   return(0);
}



>Fix: None


      Mon Aug  6 19:43:17 2007  RT_System - Component krb5-libs added    
      Tue Aug  7 16:13:16 2007  tlyu - Given to tlyu    
      Tue Aug  7 16:13:17 2007  tlyu - Target_Version 1.6.3 added    
      Tue Aug  7 16:13:17 2007  tlyu - Status changed from open to resolved    
      Tue Aug  7 16:13:18 2007  tlyu - Version_reported 1.6.1 added    
      Tue Aug  7 16:13:18 2007  tlyu - Tags pullup added    
      Tue Aug  7 16:13:18 2007  tlyu - Correspondence added    
     
From: tlyu@mit.edu
Subject: SVN Commit

Release mechtok_out in spnego_gss_init_sec_context.
Reported by Markus Moeller.


Commit By: tlyu



Revision: 19757
Changed Files:
_U  trunk/
U   trunk/src/lib/gssapi/spnego/spnego_mech.c


      Tue Aug  7 16:15:07 2007  tlyu - Correspondence added    
     
To: rt@krbdev.mit.edu
Subject: Re: [krbdev.mit.edu #5629] gss_init_sec_context does not release output token buffer when used with spnego mech
From: Tom Yu <tlyu@MIT.EDU>
Date: Tue, 07 Aug 2007 16:14:55 -0400
RT-Send-Cc: 

Please try the following patch and let us know if it resolves the
output token buffer leak.

Index: src/lib/gssapi/spnego/spnego_mech.c
===================================================================
--- src/lib/gssapi/spnego/spnego_mech.c	(revision 19756)
+++ src/lib/gssapi/spnego/spnego_mech.c	(revision 19757)
@@ -835,6 +835,7 @@
 			ret = GSS_S_FAILURE;
 		}
 	}
+	gss_release_buffer(tmpmin, &mechtok_out);
 	if (ret == GSS_S_COMPLETE) {
 		/*
 		 * Now, switch the output context to refer to the
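
Review bot: the added gss_release_buffer(tmpmin, &mechtok_out) call runs on every path that reaches it, including those where ret was just set to GSS_S_FAILURE, so it is only safe if mechtok_out is initialised to an empty buffer at its declaration, which this hunk does not show. Please confirm that, and add a one-line comment above the call saying that nothing after this point reads mechtok_out, so a later change inside the "if (ret == GSS_S_COMPLETE)" block does not reintroduce a use of the released buffer.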



      Tue Aug  7 19:02:37 2007  huaraz@moeller.plus.com - Comments added    
     
From: "Markus Moeller" <huaraz@moeller.plus.com>
To: <rt-comment@krbdev.mit.edu>
Subject: Re: [krbdev.mit.edu #5629] gss_init_sec_context does not release output token buffer when used with spnego mech
Date: Wed, 8 Aug 2007 00:02:14 +0100
RT-Send-Cc: 

Tom,

yes that solves this one:

==9846== 1,282 bytes in 1 blocks are definitely lost in loss record 35 of 36
==9846==    at 0x40235B5: malloc (in /usr/lib/valgrind/x86-linux/vgpreload_memcheck.so)
==9846==    by 0x4046673: make_ap_req_v1 (init_sec_context.c:320)
==9846==    by 0x4046D74: new_connection (init_sec_context.c:561)
==9846==    by 0x4047C95: krb5_gss_init_sec_context (init_sec_context.c:943)
==9846==    by 0x404D080: k5glue_init_sec_context (krb5_gss_glue.c:675)
==9846==    by 0x403473E: gss_init_sec_context (g_init_sec_context.c:211)
==9846==    by 0x4052DA9: init_ctx_call_init (spnego_mech.c:687)
==9846==    by 0x4052FF9: spnego_gss_init_sec_context (spnego_mech.c:801)
==9846==    by 0x403473E: gss_init_sec_context (g_init_sec_context.c:211)

Markus

----- Original Message -----
From: "Tom Yu via RT" <rt-comment@krbdev.mit.edu>
To: <huaraz@moeller.plus.com>
Sent: Tuesday, August 07, 2007 9:15 PM
Subject: Re: [krbdev.mit.edu #5629] gss_init_sec_context does not release output token buffer when used with spnego mech


> Please try the following patch and let us know if it resolves the
> output token buffer leak.
>
> Index: src/lib/gssapi/spnego/spnego_mech.c
> ===================================================================
> --- src/lib/gssapi/spnego/spnego_mech.c (revision 19756)
> +++ src/lib/gssapi/spnego/spnego_mech.c (revision 19757)
> @@ -835,6 +835,7 @@
>  ret = GSS_S_FAILURE;
>  }
>  }
> + gss_release_buffer(tmpmin, &mechtok_out);
>  if (ret == GSS_S_COMPLETE) {
>  /*
>  * Now, switch the output context to refer to the
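
Review bot: the quoted copy of this hunk has lost its tab indentation (the "+ gss_release_buffer(tmpmin, &mechtok_out);" line and its context lines carry a single space where the unquoted patch has tabs), so it will not apply from this message; anyone retesting should take the change from the unquoted patch against revision 19756 instead.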
>
>
>
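
The ownership pattern behind this leak, as an added example that is not code from the ticket or from MIT krb5: a wrapper mechanism receives a token allocated by an inner mechanism (the allocation the valgrind trace attributes to make_ap_req_v1) and has to release it itself, because the application only ever sees and releases the outer token. All names (buf_t, inner_init, wrapper_init, leaked_after) and the token bytes are constructed for illustration.

```c
/* Constructed model of the ticket's buffer ownership; hypothetical names, not MIT krb5 code. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct { size_t length; void *value; } buf_t;  /* stands in for gss_buffer_desc */
static long live_allocs;                               /* blocks a leak checker would report */
static void *track_alloc(size_t n) { void *p = malloc(n); if (p) live_allocs++; return p; }

static void release_buf(buf_t *b)                      /* safe on an empty buffer */
{
    if (b->value) { free(b->value); live_allocs--; }
    b->value = NULL; b->length = 0;
}

/* Inner mechanism: allocates its token, which the caller then owns. */
static int inner_init(buf_t *tok)
{
    static const char tok_bytes[] = "constructed-inner-token";
    if (!(tok->value = track_alloc(sizeof tok_bytes))) return -1;
    memcpy(tok->value, tok_bytes, sizeof tok_bytes);
    tok->length = sizeof tok_bytes;
    return 0;
}

/* Wrapper mechanism: release_inner = 0 models the report, 1 models the fix. */
static int wrapper_init(buf_t *out, int release_inner)
{
    buf_t mechtok = { 0, NULL };                       /* empty, so release is always safe */
    int ret = inner_init(&mechtok);
    if (ret == 0 && (out->value = track_alloc(mechtok.length + 2))) {
        memcpy(out->value, "W:", 2);                   /* frame the inner token */
        memcpy((char *)out->value + 2, mechtok.value, mechtok.length);
        out->length = mechtok.length + 2;
    } else ret = -1;
    if (release_inner) release_buf(&mechtok);          /* success and failure paths alike */
    return ret;
}

/* n handshakes with a caller that releases only the buffer it was handed. */
long leaked_after(int n, int release_inner)
{
    for (live_allocs = 0; n > 0; n--) {
        buf_t out = { 0, NULL };
        wrapper_init(&out, release_inner);
        release_buf(&out);
    }
    return live_allocs;
}
int main(void) { printf("%ld %ld\n", leaked_after(10, 0), leaked_after(10, 1)); return 0; }
```

With ten iterations, matching the reporter's loop, the first variant leaves one inner token outstanding per call even though the caller releases everything it was given.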




      Fri Aug 31 16:55:18 2007  tlyu - Version_Fixed 1.6.3 added    
      Fri Aug 31 16:55:19 2007  tlyu - Correspondence added    
     
From: tlyu@mit.edu
Subject: SVN Commit

pull up r19757 from trunk

 r19757@cathode-dark-space:  tlyu | 2007-08-07 16:13:11 -0400
 ticket: 5629
 version_reported: 1.6.1
 target_version: 1.6.3
 tags: pullup

 Release mechtok_out in spnego_gss_init_sec_context.
 Reported by Markus Moeller.




Commit By: tlyu



Revision: 19902
Changed Files:
_U  branches/krb5-1-6/
U   branches/krb5-1-6/src/lib/gssapi/spnego/spnego_mech.c

