From martin@orie.cornell.edu Fri Apr 5 04:41:12 2002
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id EAA00331
for <bugs@RT-11.mit.edu>; Fri, 5 Apr 2002 04:41:11 -0500 (EST)
Received: from postoffice.mail.cornell.edu (postoffice.mail.cornell.edu [132.236.56.7])
by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id EAA20991
for <krb5-bugs@mit.edu>; Fri, 5 Apr 2002 04:41:11 -0500 (EST)
Received: from manager.orie.cornell.edu (manager.orie.cornell.edu [128.84.138.220])
by postoffice.mail.cornell.edu (8.9.3/8.9.3) with ESMTP id EAA04076
for <krb5-bugs@mit.edu>; Fri, 5 Apr 2002 04:41:10 -0500 (EST)
Received: (from martin@localhost)
by manager.orie.cornell.edu (8.8.8/8.8.8) id EAA07577
for krb5-bugs@mit.edu; Fri, 5 Apr 2002 04:41:10 -0500 (EST)
Received: from postoffice.mail.cornell.edu (postoffice.mail.cornell.edu [132.236.56.7]) by manager.orie.cornell.edu (8.8.8/8.8.8) with ESMTP id LAA09250 for <martin@orie.cornell.edu>; Thu, 4 Apr 2002 11:19:04 -0500 (EST)
Received: from 128.84.138.175 (orpent25.orie.cornell.edu [128.84.138.175]) by postoffice.mail.cornell.edu (8.9.3/8.9.3) with SMTP id LAA09060 for <martin@orie.cornell.edu>; Thu, 4 Apr 2002 11:19:00 -0500 (EST)
Message-Id: <MPG.171646d1287e21a811e1a300@postoffice.mail.cornell.edu>
Date: Thu, 4 Apr 2002 11:18:41 -0500
From: Operations Research <martin@orie.cornell.edu>
To: krb5-bugs@mit.edu
Subject: Segmentation fault in krb5_timeofday - krb5-1.2.2 on Solaris 5.8
System: SunOS critical 5.8 Generic_108528-09 sun4u sparc SUNW,Ultra-5_10
Machine: Ultra 10
I am using the Apache mod_auth_kerb module under apache_1.3.24. I
have installed krb5-1.2.2 on a Solaris 5.8 system. When I access the
page that requires kerberos authentication, I get a segmenation fault:
[Fri Apr 5 03:50:24 2002] [notice] Apache/1.3.24 (Unix) mod_perl/1.26
AuthMySQL/2.20 PHP/4.1.2 mod_ssl/2.8.8 OpenSSL/0.9.6 configured --
resuming normal operations
[Fri Apr 5 03:50:24 2002] [notice] Accept mutex: fcntl (Default: fcntl)
[Fri Apr 5 03:50:34 2002] [notice] child pid 21398 exit signal
Segmentation Fault (11)
I recompiled kerberos with gcc version 2.95.2 19991024 (release) with the
-gstabs+ flag to genetate extra debugging information. When I ran Apache
under the gdb debugger, I find that the problem is in the kerberos
krb5_timeofday function because the "context" parameter is NULL. I have
traced this back to line 691 in the kerb_validate_user_pass_V5 function,
where kcontext pointer is not being initialized. I am also getting this
error in the latest release of Kerberos (krb5-1.2.4). Has anyone
experienced this problem and, more important, found a solution?
Here is the gdb debugging information:
# gdb ./httpd
GNU gdb 5.1.1
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "sparc-sun-solaris2.8"...
(gdb) run -X
Starting program: /export/home/apache_modssl/bin/./httpd -X
[New LWP 1]
[New LWP 2]
[New LWP 3]
[New LWP 4]
[Thu Apr 4 11:04:25 2002] [warn] NameVirtualHost 128.84.138.120:911 has
no VirtualHosts
[Thu Apr 4 11:04:25 2002] [warn] NameVirtualHost 128.84.138.120:411 has
no VirtualHosts
[Thu Apr 4 11:04:25 2002] [warn] NameVirtualHost
critical.orie.cornell.edu:443 has no VirtualHosts
Program received signal SIGSEGV, Segmentation fault.
0x00298ec4 in krb5_timeofday (context=0x0, timeret=0xffbef53c)
at timeofday.c:44
44 krb5_os_context os_ctx = context->os_context;
(gdb) bt
#0 0x00298ec4 in krb5_timeofday (context=0x0, timeret=0xffbef53c)
at timeofday.c:44
#1 0x001c7230 in kerb_validate_user_pass_V5 (r=0x4e4dc8,
sent_pw=0x5173ed "esoom3") at mod_auth_kerb.c:697
#2 0x001c8918 in kerb_authenticate_user (r=0x4e4dc8) at
mod_auth_kerb.c:1502
#3 0x00224fa4 in run_method (r=0x4e4dc8, offset=7, run_all=0)
at http_config.c:369
#4 0x002251e4 in ap_check_user_id (r=0x4e4dc8) at http_config.c:421
#5 0x0024407c in process_request_internal (r=0x4e4dc8) at
http_request.c:1255
#6 0x002444b4 in ap_process_request (r=0x4e4dc8) at http_request.c:1324
#7 0x00237708 in child_main (child_num_arg=0) at http_main.c:4656
#8 0x002379c4 in make_child (s=0x4e0d98, slot=0, now=1017936266)
at http_main.c:4780
#9 0x00237be0 in startup_children (number_to_start=5) at
http_main.c:4862
#10 0x00238610 in standalone_main (argc=2, argv=0xffbefbcc) at
http_main.c:5167
#11 0x00239270 in main (argc=2, argv=0xffbefbcc) at http_main.c:5527
(gdb)
Breakpoint 1, kerb_validate_user_pass_V5 (r=0x4e4dc8,
sent_pw=0x5173ed "esoom3") at mod_auth_kerb.c:691
691 krb5_init_ets(kcontext);
(gdb) print kcontext
$14 = 0x0
# ldd ./httpd
libkrb5.so.3 => /usr/lib/libkrb5.so.3
libk5crypto.so.3 => /usr/lib/libk5crypto.so.3
libcom_err.so.3 => /usr/lib/libcom_err.so.3
libmysqlclient.so.10 =>
/usr/local/mysql/lib/mysql/libmysqlclient.so.10
libz.so => /usr/lib/libz.so
libpam.so.1 => /usr/lib/libpam.so.1
libdl.so.1 => /usr/lib/libdl.so.1
libncurses.so.5 => /usr/lib/libncurses.so.5
libcrypt_i.so.1 => /usr/lib/libcrypt_i.so.1
libresolv.so.2 => /usr/lib/libresolv.so.2
libm.so.1 => /usr/lib/libm.so.1
libsocket.so.1 => /usr/lib/libsocket.so.1
libnsl.so.1 => /usr/lib/libnsl.so.1
libpthread.so.1 => /usr/lib/libpthread.so.1
libc.so.1 => /usr/lib/libc.so.1
libiconv.so.2 => /usr/lib/libiconv.so.2
libgcc_s.so.1 => /usr/lib/libgcc_s.so.1
libgen.so.1 => /usr/lib/libgen.so.1
libmp.so.2 => /usr/lib/libmp.so.2
libthread.so.1 => /usr/lib/libthread.so.1
/usr/platform/SUNW,Ultra-5_10/lib/libc_psr.so.1
# ./httpd -l
Compiled-in modules:
http_core.c
mod_env.c
mod_log_config.c
mod_mime.c
mod_negotiation.c
mod_status.c
mod_info.c
mod_include.c
mod_autoindex.c
mod_dir.c
mod_cgi.c
mod_asis.c
mod_imap.c
mod_actions.c
mod_userdir.c
mod_alias.c
mod_rewrite.c
mod_access.c
mod_auth.c
mod_cern_meta.c
mod_expires.c
mod_headers.c
mod_so.c
mod_setenvif.c
mod_ssl.c
mod_php4.c
mod_auth_kerb.c
mod_auth_mysql.c
mod_perl.c
suexec: disabled; invalid wrapper /export/home/apache_modssl/bin/suexec
Thank you for your help,
-- Bill Martin --
From: "William T. Martin" <martin@orie.cornell.edu>
To: krb5-bugs@mit.edu, krb5-unassigned@rt-11.mit.edu
Cc: Subject: Re: krb5-clients/1086: Segmentation fault in krb5_timeofday - krb5-1.2.2 on Solaris 5.8
Date: Fri, 5 Apr 2002 13:09:24 -0500
My /etc/krb5.conf file was readable only by root. The problem went away
when I changed this. You can close this problem.
-- Bill Martin --
On Fri, Apr 05, 2002 at 04:42:01AM -0500, krb5-bugs@mit.edu wrote:
--
=======================================================================
William T. Martin email: martin@orie.cornell.edu
Cornell University/ORIE Fax: (607) 255-9129
257 Rhodes Hall Phone: (607) 255-9134
Ithaca, NY 14853
Public Key: http://www.orie.cornell.edu/~martin/public_key.html
=======================================================================
State-Changed-From-To: open-closed
State-Changed-By: hartmans
State-Changed-When: Mon Apr 8 13:39:59 2002
State-Changed-Why:
krb5_init_context failed, application dealt badly
Not our application, so not our problem.
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id EAA00331
for <bugs@RT-11.mit.edu>; Fri, 5 Apr 2002 04:41:11 -0500 (EST)
Received: from postoffice.mail.cornell.edu (postoffice.mail.cornell.edu [132.236.56.7])
by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id EAA20991
for <krb5-bugs@mit.edu>; Fri, 5 Apr 2002 04:41:11 -0500 (EST)
Received: from manager.orie.cornell.edu (manager.orie.cornell.edu [128.84.138.220])
by postoffice.mail.cornell.edu (8.9.3/8.9.3) with ESMTP id EAA04076
for <krb5-bugs@mit.edu>; Fri, 5 Apr 2002 04:41:10 -0500 (EST)
Received: (from martin@localhost)
by manager.orie.cornell.edu (8.8.8/8.8.8) id EAA07577
for krb5-bugs@mit.edu; Fri, 5 Apr 2002 04:41:10 -0500 (EST)
Received: from postoffice.mail.cornell.edu (postoffice.mail.cornell.edu [132.236.56.7]) by manager.orie.cornell.edu (8.8.8/8.8.8) with ESMTP id LAA09250 for <martin@orie.cornell.edu>; Thu, 4 Apr 2002 11:19:04 -0500 (EST)
Received: from 128.84.138.175 (orpent25.orie.cornell.edu [128.84.138.175]) by postoffice.mail.cornell.edu (8.9.3/8.9.3) with SMTP id LAA09060 for <martin@orie.cornell.edu>; Thu, 4 Apr 2002 11:19:00 -0500 (EST)
Message-Id: <MPG.171646d1287e21a811e1a300@postoffice.mail.cornell.edu>
Date: Thu, 4 Apr 2002 11:18:41 -0500
From: Operations Research <martin@orie.cornell.edu>
To: krb5-bugs@mit.edu
Subject: Segmentation fault in krb5_timeofday - krb5-1.2.2 on Solaris 5.8
Show quoted text
>Number: 1086
>Category: krb5-clients
>Synopsis: Segmentation fault in krb5_timeofday - krb5-1.2.2 on
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: krb5-unassigned
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Apr 5 04:42:01 EST 2002
>Last-Modified: Mon Apr 8 13:40:28 EDT 2002
>Originator: William Martin
>Organization:
Cornell University>Category: krb5-clients
>Synopsis: Segmentation fault in krb5_timeofday - krb5-1.2.2 on
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: krb5-unassigned
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Apr 5 04:42:01 EST 2002
>Last-Modified: Mon Apr 8 13:40:28 EDT 2002
>Originator: William Martin
>Organization:
Show quoted text
>Release: 1.0-development
>Environment:
<machine, os, target, libraries (multiple lines)>>Environment:
System: SunOS critical 5.8 Generic_108528-09 sun4u sparc SUNW,Ultra-5_10
Machine: Ultra 10
Show quoted text
>Description:
I am using the Apache mod_auth_kerb module under apache_1.3.24. I
have installed krb5-1.2.2 on a Solaris 5.8 system. When I access the
page that requires kerberos authentication, I get a segmenation fault:
[Fri Apr 5 03:50:24 2002] [notice] Apache/1.3.24 (Unix) mod_perl/1.26
AuthMySQL/2.20 PHP/4.1.2 mod_ssl/2.8.8 OpenSSL/0.9.6 configured --
resuming normal operations
[Fri Apr 5 03:50:24 2002] [notice] Accept mutex: fcntl (Default: fcntl)
[Fri Apr 5 03:50:34 2002] [notice] child pid 21398 exit signal
Segmentation Fault (11)
I recompiled kerberos with gcc version 2.95.2 19991024 (release) with the
-gstabs+ flag to genetate extra debugging information. When I ran Apache
under the gdb debugger, I find that the problem is in the kerberos
krb5_timeofday function because the "context" parameter is NULL. I have
traced this back to line 691 in the kerb_validate_user_pass_V5 function,
where kcontext pointer is not being initialized. I am also getting this
error in the latest release of Kerberos (krb5-1.2.4). Has anyone
experienced this problem and, more important, found a solution?
Here is the gdb debugging information:
# gdb ./httpd
GNU gdb 5.1.1
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "sparc-sun-solaris2.8"...
(gdb) run -X
Starting program: /export/home/apache_modssl/bin/./httpd -X
[New LWP 1]
[New LWP 2]
[New LWP 3]
[New LWP 4]
[Thu Apr 4 11:04:25 2002] [warn] NameVirtualHost 128.84.138.120:911 has
no VirtualHosts
[Thu Apr 4 11:04:25 2002] [warn] NameVirtualHost 128.84.138.120:411 has
no VirtualHosts
[Thu Apr 4 11:04:25 2002] [warn] NameVirtualHost
critical.orie.cornell.edu:443 has no VirtualHosts
Program received signal SIGSEGV, Segmentation fault.
0x00298ec4 in krb5_timeofday (context=0x0, timeret=0xffbef53c)
at timeofday.c:44
44 krb5_os_context os_ctx = context->os_context;
(gdb) bt
#0 0x00298ec4 in krb5_timeofday (context=0x0, timeret=0xffbef53c)
at timeofday.c:44
#1 0x001c7230 in kerb_validate_user_pass_V5 (r=0x4e4dc8,
sent_pw=0x5173ed "esoom3") at mod_auth_kerb.c:697
#2 0x001c8918 in kerb_authenticate_user (r=0x4e4dc8) at
mod_auth_kerb.c:1502
#3 0x00224fa4 in run_method (r=0x4e4dc8, offset=7, run_all=0)
at http_config.c:369
#4 0x002251e4 in ap_check_user_id (r=0x4e4dc8) at http_config.c:421
#5 0x0024407c in process_request_internal (r=0x4e4dc8) at
http_request.c:1255
#6 0x002444b4 in ap_process_request (r=0x4e4dc8) at http_request.c:1324
#7 0x00237708 in child_main (child_num_arg=0) at http_main.c:4656
#8 0x002379c4 in make_child (s=0x4e0d98, slot=0, now=1017936266)
at http_main.c:4780
#9 0x00237be0 in startup_children (number_to_start=5) at
http_main.c:4862
#10 0x00238610 in standalone_main (argc=2, argv=0xffbefbcc) at
http_main.c:5167
#11 0x00239270 in main (argc=2, argv=0xffbefbcc) at http_main.c:5527
(gdb)
Breakpoint 1, kerb_validate_user_pass_V5 (r=0x4e4dc8,
sent_pw=0x5173ed "esoom3") at mod_auth_kerb.c:691
691 krb5_init_ets(kcontext);
(gdb) print kcontext
$14 = 0x0
# ldd ./httpd
libkrb5.so.3 => /usr/lib/libkrb5.so.3
libk5crypto.so.3 => /usr/lib/libk5crypto.so.3
libcom_err.so.3 => /usr/lib/libcom_err.so.3
libmysqlclient.so.10 =>
/usr/local/mysql/lib/mysql/libmysqlclient.so.10
libz.so => /usr/lib/libz.so
libpam.so.1 => /usr/lib/libpam.so.1
libdl.so.1 => /usr/lib/libdl.so.1
libncurses.so.5 => /usr/lib/libncurses.so.5
libcrypt_i.so.1 => /usr/lib/libcrypt_i.so.1
libresolv.so.2 => /usr/lib/libresolv.so.2
libm.so.1 => /usr/lib/libm.so.1
libsocket.so.1 => /usr/lib/libsocket.so.1
libnsl.so.1 => /usr/lib/libnsl.so.1
libpthread.so.1 => /usr/lib/libpthread.so.1
libc.so.1 => /usr/lib/libc.so.1
libiconv.so.2 => /usr/lib/libiconv.so.2
libgcc_s.so.1 => /usr/lib/libgcc_s.so.1
libgen.so.1 => /usr/lib/libgen.so.1
libmp.so.2 => /usr/lib/libmp.so.2
libthread.so.1 => /usr/lib/libthread.so.1
/usr/platform/SUNW,Ultra-5_10/lib/libc_psr.so.1
# ./httpd -l
Compiled-in modules:
http_core.c
mod_env.c
mod_log_config.c
mod_mime.c
mod_negotiation.c
mod_status.c
mod_info.c
mod_include.c
mod_autoindex.c
mod_dir.c
mod_cgi.c
mod_asis.c
mod_imap.c
mod_actions.c
mod_userdir.c
mod_alias.c
mod_rewrite.c
mod_access.c
mod_auth.c
mod_cern_meta.c
mod_expires.c
mod_headers.c
mod_so.c
mod_setenvif.c
mod_ssl.c
mod_php4.c
mod_auth_kerb.c
mod_auth_mysql.c
mod_perl.c
suexec: disabled; invalid wrapper /export/home/apache_modssl/bin/suexec
Thank you for your help,
-- Bill Martin --
Show quoted text
>How-To-Repeat:
Rerun Apache and access page that uses mod_auth_kerbShow quoted text
>Fix:
Show quoted text
>Audit-Trail:
From: "William T. Martin" <martin@orie.cornell.edu>
To: krb5-bugs@mit.edu, krb5-unassigned@rt-11.mit.edu
Cc: Subject: Re: krb5-clients/1086: Segmentation fault in krb5_timeofday - krb5-1.2.2 on Solaris 5.8
Date: Fri, 5 Apr 2002 13:09:24 -0500
My /etc/krb5.conf file was readable only by root. The problem went away
when I changed this. You can close this problem.
-- Bill Martin --
On Fri, Apr 05, 2002 at 04:42:01AM -0500, krb5-bugs@mit.edu wrote:
Show quoted text
> Thank you very much for your problem report.
> It has the internal identification `krb5-clients/1086'.
> The individual assigned to look at your
> report is: krb5-unassigned.
>
> It has the internal identification `krb5-clients/1086'.
> The individual assigned to look at your
> report is: krb5-unassigned.
>
> >Category: krb5-clients
> >Responsible: krb5-unassigned
> >Synopsis: Segmentation fault in krb5_timeofday - krb5-1.2.2 on
> >Arrival-Date: Fri Apr 5 04:42:01 EST 2002
> >Responsible: krb5-unassigned
> >Synopsis: Segmentation fault in krb5_timeofday - krb5-1.2.2 on
> >Arrival-Date: Fri Apr 5 04:42:01 EST 2002
--
=======================================================================
William T. Martin email: martin@orie.cornell.edu
Cornell University/ORIE Fax: (607) 255-9129
257 Rhodes Hall Phone: (607) 255-9134
Ithaca, NY 14853
Public Key: http://www.orie.cornell.edu/~martin/public_key.html
=======================================================================
State-Changed-From-To: open-closed
State-Changed-By: hartmans
State-Changed-When: Mon Apr 8 13:39:59 2002
State-Changed-Why:
krb5_init_context failed, application dealt badly
Not our application, so not our problem.
Show quoted text
>Unformatted:
Solaris 5.8