DNS server hangs in/after gss_indicate_mechs call on Windows with krb5-1.9 libs
Greg Hudson
ghudson at MIT.EDU
Fri May 10 12:20:16 EDT 2013
On 05/10/2013 04:46 AM, diptivs wrote:
> When I debugged the code I could get following is the call stack:
Thanks for the stack trace. Using that information, I was able to
figure out what's wrong.
As you guessed, the kg_vdb mutex is not initialized. During the
development of release 1.7, a bunch of GSSAPI code was moved around, and
the initialization of this mutex was accidentally placed into an #ifndef
_WIN32 block. This bug is at src/lib/gssapi/krb5/gssapi_krb5.c line
911-918; only the kg_kdc_flag_mutex mutex initialization should be
conditional.
In release 1.10, the entire subsystem which used kg_vdb was removed, so
this bug was not noticed during the testing of Kerberos for Windows 4.
I would strongly recommend using KfW 4, or at the very least a build of
release 1.10, rather than a build of release 1.9. We only just barely
made 1.9 build on Windows, whereas 1.10 is the basis of a KfW release
and has received much more testing.
(As a side note, please refrain from sending the same message to both
krbdev at mit.edu and kerberos at mit.edu.)
More information about the krbdev
mailing list