Content-Type: text/html; charset="utf-8" Content-ID: Content-Transfer-Encoding: base64 Content-Length: 9199

Hello,

 

We use krb5 lib v1.10.3 in our product. Recently, one of our customers ran into a replay cache file descriptor leak issue in that there were many opened but deleted replay cache temp files staying around for days. For instance,

 

--------

Jan  7 13:44:28   fd 1220 (/shared/tmp/krb5_RCB8Wi7X (deleted)) : cloexec,  Fflags[0x8002], read-write

Jan 11 09:25:40  fd 1220 (/shared/tmp/krb5_RCB8Wi7X (deleted)) : cloexec,  Fflags[0x8002], read-write

--------

Jan  8 15:33:17  fd 1529 (/shared/tmp/krb5_RCGIGQ1X (deleted)) : cloexec,  Fflags[0x8002], read-write

Jan 11 09:25:40  fd 1529 (/shared/tmp/krb5_RCGIGQ1X (deleted)) : cloexec,  Fflags[0x8002], read-write

--------

Jan  9 12:05:14  fd 355 (/shared/tmp/krb5_RCG6JmM9 (deleted)) : cloexec,  Fflags[0x8002], read-write

Jan 11 09:25:40  fd 355 (/shared/tmp/krb5_RCG6JmM9 (deleted)) : cloexec,  Fflags[0x8002], read-write

 

Someone encountered the same issue with v1.10.3 and upgrading to v1.14.5 did not help (https://groups.google.com/forum/#!searchin/comp.protocols.kerberos/leak%7Csort:date/comp.protocols.kerberos/pN4QCVcEMWc/xYMDKrLuBgAJ).

 

We were wondering if there is a solution to or a workaround for this issue.

 

TIA,

Daniel