Skip Menu |

Download (untitled) / with headers
text/plain 5.1KiB
From Wed Aug 31 14:27:07 2011
Return-Path: <>
Received: from (PCH.MIT.EDU [])
by (Postfix) with ESMTP id D24253DC26;
Wed, 31 Aug 2011 14:27:07 -0400 (EDT)
Received: from ( [])
by (8.13.6/8.12.8) with ESMTP id p7VIR7Bi009150;
Wed, 31 Aug 2011 14:27:07 -0400
Received: from (MAILHUB-DMZ-4.MIT.EDU [])
by (8.13.6/8.12.8) with ESMTP id p7VILN2v007951
for <>; Wed, 31 Aug 2011 14:21:24 -0400
by (8.13.8/8.9.2) with ESMTP id p7VII80e022964
for <>; Wed, 31 Aug 2011 14:21:23 -0400
X-AuditID: 1209190c-b7bdeae000000a26-db-4e5e7b6ce9a0
Authentication-Results: symauth.service.identifier; spf=pass; senderid=pass
Received: from ( [])
by (Symantec Messaging Gateway) with SMTP
id E4.85.02598.C6B7E5E4; Wed, 31 Aug 2011 14:20:29 -0400 (EDT)
Received: from
( [])
by (8.14.4/8.14.4) with ESMTP id p7VILMxU003230
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
for <>; Wed, 31 Aug 2011 14:21:22 -0400
Received: from ( [])
by (8.13.8/8.13.8) with ESMTP
id p7VILKlm013830
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
for <>; Wed, 31 Aug 2011 14:21:21 -0400
Received: from (localhost.localdomain [])
by (8.14.5/8.14.5) with ESMTP id p7VILJZ8006505
for <>; Wed, 31 Aug 2011 14:21:20 -0400
Received: (from nalin@localhost)
by (8.14.5/8.14.5/Submit) id p7VILJGb006504;
Wed, 31 Aug 2011 14:21:19 -0400
Date: Wed, 31 Aug 2011 14:21:19 -0400
Message-Id: <>
Subject: assertion failure when connections fail in service_fds()
X-send-pr-version: 3.99
X-Scanned-By: MIMEDefang 2.67 on
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrNIsWRWlGSWpSXmKPExsVysWW7jG5udZyfwcS9TBYND4+zOzB6NJ05
X-Mailman-Approved-At: Wed, 31 Aug 2011 14:27:05 -0400
X-Mailman-Version: 2.1.6
Precedence: list

Show quoted text
>Submitter-Id: net
>Confidential: no
>Synopsis: assertion failure when connections fail in service_fds()
>Severity: non-critical
>Priority: medium
>Category: krb5-libs
>Class: sw-bug
>Release: 1.9.1

System: Linux #1 SMP Wed Jul 6 13:58:54 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
Architecture: x86_64
Show quoted text
With the fix for RT#6905 applied and clients building with
poll(), we're seeing some clients hitting an assertion failure
when one of the multiple connections that k5_sendto() creates
fails before a reply is received from another one.
After a connection's state is marked as FAILED, subsequent
calls to service_fds() will still attempt to pass that
connection's descriptor to cm_get_ssflags(), and because the
descriptor has already been removed from the select_state,
cm_get_ssflags() will hit an assertion failure.
Show quoted text
Configure a client system with a list of KDCs which includes, at
its front, an address/port combination where there's no KDC
Show quoted text
This appears to fix it on my systems:
Index: src/lib/krb5/os/sendto_kdc.c
--- src/lib/krb5/os/sendto_kdc.c (revision 25119)
+++ src/lib/krb5/os/sendto_kdc.c (working copy)
@@ -1176,7 +1176,7 @@
for (state = conns; state != NULL; state = state->next) {
int ssflags;

- if (state->fd == INVALID_SOCKET)
+ if (state->state == FAILED || state->fd == INVALID_SOCKET)
ssflags = cm_get_ssflags(seltemp, state->fd);
if (!ssflags)
I'm asking Ken why we don't just close and invalidate conn->fd when
killing a connection. It seems deliberate given how the code was
introduced, but I can't think of a reason.

Depending on the answer, I'll apply your patch or adjust kill_conn().
Subject: SVN Commit

Fix connection termination bug in sendto_kdc.

When terminating a connection, close and invalidate conn->fd so that
we don't look for it in selstate on the next select or poll
invocation. Looking for such an fd is harmless when using select, but
results in an assertion failure when using poll.
Commit By: ghudson
Revision: 25120
Changed Files:
U trunk/src/lib/krb5/os/sendto_kdc.c