From xthomk@airnz.co.nz Thu May 4 23:22:31 2000 Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.mit.edu (8.9.3/8.9.3) with SMTP id XAA06884 for ; Thu, 4 May 2000 23:22:30 -0400 (EDT) Received: from aklip01u.airnz.co.nz by MIT.EDU with SMTP id AA08304; Thu, 4 May 00 23:24:34 EDT Received: (from uucp@localhost) by aklip01u.airnz.co.nz (8.9.1a/8.9.1) id PAA27572 for ; Fri, 5 May 2000 15:22:26 +1200 (NZST) Received: from unknown(10.65.16.76) by aklip01u.airnz.co.nz via smap (V5.0) id xma027512; Fri, 5 May 00 15:21:31 +1200 Received: from aklif06u.airnz.co.nz (aklif06u.airnz.co.nz [10.65.16.82]) by aklndcvu.airnz.co.nz (8.9.1a/8.9.1) with ESMTP id PAA27964 for ; Fri, 5 May 2000 15:21:30 +1200 (NZST) Received: (from root@localhost) by aklif06u.airnz.co.nz (8.9.1a/8.9.1) id PAA24171; Fri, 5 May 2000 15:21:30 +1200 (NZST) Message-Id: <200005050321.PAA24171@aklif06u.airnz.co.nz> Date: Fri, 5 May 2000 15:21:30 +1200 (NZST) From: Kerry.Thompson@airnz.co.nz Reply-To: Kerry.Thompson@airnz.co.nz To: krb5-bugs@MIT.EDU Subject: problems on Solaris with mutliple virtual interfaces X-Send-Pr-Version: 3.99 >Number: 852 >Category: krb5-libs >Synopsis: krb5 failure on systems with multiple logical IP interfaces >Confidential: no >Severity: serious >Priority: medium >Responsible: krb5-unassigned >State: open >Class: sw-bug >Submitter-Id: unknown >Arrival-Date: Thu May 4 23:23:01 EDT 2000 >Last-Modified: Wed May 10 16:26:00 EDT 2000 >Originator: Kerry Thompson - Optimation >Organization: >Release: krb5-1.1 >Environment: System: SunOS aklif06u 5.6 Generic_105181-16 sun4u sparc SUNW,Ultra-250 Architecture: sun4 >Description: Kerberos cannot connect to KDC on systems with >=32 virtual IP interfaces Invalid argument error on UDP connect >How-To-Repeat: Config Solaris 2.6 with virtual interfaces : ifconfig hme0:1 testaddr1 up -trailers .... and try to run kinit. Works OK with <=30 interfaces configured, fails when any more are configured. Output : kinit: Invalid argument while getting initial credentials Truss says that the first ioctl() on the UDP endpoint fails, I believe this is the UDP connect() to reach the KDC. [snipped shard lib loads] close(4) = 0 close(3) = 0 munmap(0xFF360000, 8192) = 0 ioctl(0, TCGETA, 0xFFBEFC8C) = 0 ioctl(1, TCGETA, 0xFFBEFC8C) = 0 ioctl(2, TCGETA, 0xFFBEFC8C) = 0 brk(0x000B3D10) = 0 brk(0x000B5D10) = 0 stat("/etc/krb5.conf", 0xFFBEF9B8) = 0 open("/etc/krb5.conf", O_RDONLY) = 3 access("/etc/krb5.conf", 2) Err#13 EACCES brk(0x000B5D10) = 0 brk(0x000B7D10) = 0 fstat64(3, 0xFFBEF7D8) = 0 brk(0x000B7D10) = 0 brk(0x000B9D10) = 0 ioctl(3, TCGETA, 0xFFBEF764) Err#25 ENOTTY read(3, " [ l i b d e f a u l t s".., 8192) = 453 read(3, 0x000B61CC, 8192) = 0 llseek(3, 0, SEEK_CUR) = 453 close(3) = 0 stat("/usr/local/etc/krb5.conf", 0xFFBEF9B8) Err#2 ENOENT time() = 957496397 stat("/etc/krb5.conf", 0xFFBEFA18) = 0 stat("/etc/krb5.conf", 0xFFBEFA18) = 0 stat("/etc/krb5.conf", 0xFFBEFA18) = 0 stat("/etc/krb5.conf", 0xFFBEFA18) = 0 stat("/etc/krb5.conf", 0xFFBEFA18) = 0 stat("/etc/krb5.conf", 0xFFBEFA18) = 0 stat("/etc/krb5.conf", 0xFFBEFA18) = 0 open("/tmp/krb5cc_p11998", O_RDONLY) Err#2 ENOENT getuid() = 106 [106] open64("/etc/.name_service_door", O_RDONLY) = 3 fcntl(3, F_SETFD, 0x00000001) = 0 door_info(3, 0xFF238E40) Err#9 EBADF close(3) = 0 open("/etc/nsswitch.conf", O_RDONLY) = 3 fstat64(3, 0xFFBEF4A0) = 0 brk(0x000B9D10) = 0 brk(0x000BBD10) = 0 ioctl(3, TCGETA, 0xFFBEF42C) Err#25 ENOTTY read(3, " #\n # / e t c / n s s".., 8192) = 690 read(3, 0x000B850C, 8192) = 0 llseek(3, 0, SEEK_CUR) = 690 close(3) = 0 open("/usr/lib/nss_files.so.1", O_RDONLY) = 3 fstat(3, 0xFFBEF40C) = 0 mmap(0x00000000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF360000 mmap(0x00000000, 81920, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF260000 munmap(0xFF264000, 57344) = 0 mmap(0xFF272000, 7468, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED, 3, 8192) = 0xFF272 000 close(3) = 0 munmap(0xFF360000, 8192) = 0 open("/etc/passwd", O_RDONLY) = 3 fstat64(3, 0xFFBEF3C8) = 0 ioctl(3, TCGETA, 0xFFBEF354) Err#25 ENOTTY read(3, " r o o t : x : 0 : 1 : S".., 8192) = 2336 llseek(3, 0xFFFFFFFFFFFFF974, SEEK_CUR) = 660 close(3) = 0 stat("/etc/krb5.conf", 0xFFBEF910) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 stat("/etc/krb5.conf", 0xFFBEE818) = 0 stat("/etc/krb5.conf", 0xFFBEE818) = 0 time() = 957496397 stat("/etc/krb5.conf", 0xFFBEEB38) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 so_socket(2, 1, 0, "", 1) = 3 ioctl(3, 0xC0086914, 0xFFBEEE00) Err#22 EINVAL close(3) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 stat("/etc/krb5.conf", 0xFFBEE818) = 0 stat("/etc/krb5.conf", 0xFFBEE818) = 0 time() = 957496397 stat("/etc/krb5.conf", 0xFFBEEB38) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 stat("/etc/krb5.conf", 0xFFBEE7A8) = 0 so_socket(2, 1, 0, "", 1) = 3 ioctl(3, 0xC0086914, 0xFFBEEE00) Err#22 EINVAL close(3) = 0 kinitwrite(2, " k i n i t", 5) = 5 : write(2, " : ", 2) = 2 Invalid argumentwrite(2, " I n v a l i d a r g u".., 16) = 16 write(2, " ", 1) = 1 while getting initial credentialswrite(2, " w h i l e g e t t i n".., 33) = 33 write(2, "\r", 1) = 1 write(2, "\n", 1) = 1 open("/dev/zero", O_RDONLY) = 3 mmap(0x00000000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0xFF360000 close(3) = 0 llseek(0, 0, SEEK_CUR) = 8006 _exit(1) >Fix: Unknown. Probably need to look at the binding of the UDP endpoint. >Audit-Trail: From: "Thompson, Kerry" To: "'krb5-bugs@mit.edu'" , "'krb5-unassigned@rt-11.mit.edu'" Cc: Subject: RE: krb5-libs/852: problems on Solaris with mutliple virtual inte rfaces Date: Wed, 10 May 2000 14:38:12 +1200 Hi This has been fixed up now. The problem is in the short buffers being passed to the SIOCGIFCONF ioctl() calls. I've increased the size of the buffers in each of the files lib/krb5/os/localaddr.c lib/rpc/get_myaddress.c lib/rpc/pmap_rmt.c in each case I made the buffer to be : char buf[KRB5_MAXNETINTERFACES * sizeof(struct ifconf)]; in lib/rpc/pmap_rmt.c I allocated a new buffer rather than using the function argument one, by declaring : char buf2[KRB5_MAXNETINTERFACES * sizeof(struct ifconf)]; and used this in the ioctl() call. I defined KRB5_MAXNETINTERFACES in include/krb5/stock/osconf.h to be quite large ( 256 ). This seems to fix the problem just fine. Ideally, we should do a SIOGIFNUM ioctl() to read the max number of interfaces since this can be changed at run time under Solaris with the ndd command. But then we'd have to malloc() and free() the buffers, etc. which sounds like too much hard work to me. Could the MIT chaps please roll these changes into the krb5 code. Regards, Kerry > -----Original Message----- > From: krb5-bugs@mit.edu [mailto:krb5-bugs@mit.edu] > Sent: Friday, May 05, 2000 3:23 PM > To: Kerry.Thompson@airnz.co.nz > Subject: Re: krb5-libs/852: problems on Solaris with mutliple virtual > interfaces > > > Thank you very much for your problem report. > It has the internal identification `krb5-libs/852'. > The individual assigned to look at your > report is: krb5-unassigned. > > >Category: krb5-libs > >Responsible: krb5-unassigned > >Synopsis: krb5 failure on systems with multiple > logical IP interfaces > >Arrival-Date: Thu May 4 23:23:01 EDT 2000 > ____________________________________________________________________ CAUTION - This message may contain privileged and confidential information intended only for the use of the addressee named above. If you are not the intended recipient of this message you are hereby notified that any use, dissemination, distribution or reproduction of this message is prohibited. If you have received this message in error please notify Air New Zealand immediately. Any views expressed in this message are those of the individual sender and may not necessarily reflect the views of Air New Zealand. _____________________________________________________________________ From: Ken Raeburn To: "Thompson, Kerry" Cc: krb5-bugs@MIT.EDU Subject: Re: krb5-libs/852: problems on Solaris with mutliple virtual inte rfaces Date: 10 May 2000 16:25:38 -0400 In the 1.2-beta code, I've already changed lib/krb5/os/localaddr.c to dynamically resize an allocated buffer until it appears to be big enough. Unfortunately, I haven't found a guaranteed way to find out if it *is* big enough, but as far as I can tell my heuristics are working pretty well. "Thompson, Kerry" writes: > This has been fixed up now. The problem is in the short buffers > being passed to the SIOCGIFCONF ioctl() calls. I've increased the size of > the > buffers in each of the files > lib/krb5/os/localaddr.c > lib/rpc/get_myaddress.c > lib/rpc/pmap_rmt.c Hm, I did miss the RPC files though... and it looks to me like the code in get_myaddress.c won't work with IPv6 addresses.... For now, I've increased the buffer size in get_myaddress.c. > in lib/rpc/pmap_rmt.c I allocated a new buffer rather than using the > function argument one, by declaring : I made the required buffer size a macro, and made inbuf's size (in the caller) the maximum of that and UDPMSGSIZE. Eventually, I'd like to separate out a single utility routine for use in a number of these places... Thanks for the report. Ken >Unformatted: