Crash in gss_export_sec_context in krb5-1.8.1 on OpenSuse 11.3
Markus Moeller
huaraz at moeller.plus.com
Mon Dec 27 08:08:25 EST 2010
Here is a small sample program which crashes with 1.8.1 and 1.8.3, 1.9 but
works with 1.6.1.
BTW I can export acceptor security contexts but not initiator contexts.
Markus
/*
 * Test export of a security context.
 */
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <gssapi/gssapi.h>

#define SERVICENAME "HTTP"
#define HOSTNAME "opensuse11.suse.home"

int main(void) {
    OM_uint32 maj, min;
    gss_name_t server_name = GSS_C_NO_NAME;
    gss_buffer_desc service = GSS_C_EMPTY_BUFFER;
    gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
    gss_buffer_desc export_token = GSS_C_EMPTY_BUFFER;
    gss_ctx_id_t gss_context_init = GSS_C_NO_CONTEXT;

    /* Build the host-based service name "HTTP@<host>". */
    service.value = malloc(strlen(SERVICENAME) + strlen(HOSTNAME) + 2);
    if (service.value == NULL)
        return 1;
    snprintf(service.value, strlen(SERVICENAME) + strlen(HOSTNAME) + 2,
             "%s@%s", SERVICENAME, HOSTNAME);
    service.length = strlen((char *)service.value);

    maj = gss_import_name(&min, &service,
                          (gss_OID) GSS_C_NT_HOSTBASED_SERVICE, &server_name);

    /* First initiator call, using the default credential. */
    maj = gss_init_sec_context(&min, GSS_C_NO_CREDENTIAL, &gss_context_init,
                               server_name, NULL, 0, 0, NULL,
                               GSS_C_NO_BUFFER,
                               NULL, &output_token, NULL, NULL);

    /* Export the initiator context; this is the call that crashes. */
    maj = gss_export_sec_context(&min, &gss_context_init, &export_token);

    return 0;
}
"Markus Moeller" <huaraz at moeller.plus.com> wrote in message
news:if7efi$4gd$1 at dough.gmane.org...
> When I try to export a security context it sometimes crashes in:
>
> gss_export_sec_context in g_exp_sec_context line 104
>
> 102 return (GSS_S_UNAVAILABLE);
> 103
> 104 status = mech->gss_export_sec_context(minor_status,
> 105 &ctx->internal_ctx_id, &token);
> 106 if (status != GSS_S_COMPLETE) {
> 107 map_error(minor_status, mech);
> 108 return (status);
> 109 }
>
> krb5_gss_export_sec_context in export_sec_context.c line 66
>
> 64 /* Determine size needed for externalization of context */
> 65 bufsize = 0;
> 66 if ((kret = kg_ctx_size(context, (krb5_pointer) ctx,
> 67 &bufsize)))
> 68 goto error_out;
>
> kg_ctx_size in ser_sctx.c line 361
>
> 360 if (initiator_name) {
> 361 kret = krb5_size_opaque(kcontext,
> 362 KV5M_AUTHDATA_CONTEXT,
> 363 initiator_name->ad_context,
> 364 &required);
> 365 }
>
>
> krb5_size_opaque in serialize.c line 105
>
> 103 /* See if the type is supported, if so, do it */
> 104 if ((shandle = krb5_find_serializer(kcontext, odtype)))
> 105 kret = (shandle->sizer) ? (*shandle->sizer)(kcontext, arg, sizep) : 0;
> 106 return(kret);
>
> krb5_authdata_context_size in authdata.c line 1131
>
> 1130
> 1131 code = k5_ad_size(kcontext, context, AD_USAGE_MASK, sizep);
> 1132 if (code != 0)
> 1133 return code;
> 1134
>
> k5_ad_size in authdata.c line 162 (The reason is that context is 0,
> which is initiator_name->ad_context)
>
> 162 for (i = 0; i < context->n_modules; i++) {
> 163 struct _krb5_authdata_context_module *module = &context->modules[i];
> 164 size_t size;
> 165
>
>
> I use an MIT KDC so I would not expect authorization data. Is this a known
> bug in 1.8.1?
>
> Markus
>
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
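The quoted trace ends in k5_ad_size reading n_modules through a context pointer that the post reports as 0 (initiator_name->ad_context). The block below is an added example, not part of the original post and not MIT krb5 code or its fix: a simplified C model of that sizing path, with hypothetical types, function names and sizes, showing a NULL guard both in the caller and in the sizer callback reached through the generic dispatcher.

```c
/* Simplified model of the sizing path in the quoted trace; every type,
 * function and constant here is a hypothetical stand-in, not MIT krb5 code. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

struct ad_module  { size_t ext_size; };
struct ad_context { int n_modules; struct ad_module *modules; };
struct name       { struct ad_context *ad_context; }; /* optional, may be NULL */
typedef int (*sizer_fn)(const void *arg, size_t *sizep);

/* Callee guard: a sizer reached through a generic dispatcher receives an
 * opaque pointer, so it rejects NULL before reading n_modules. */
static int ad_context_size(const void *arg, size_t *sizep)
{
    const struct ad_context *ctx = arg;
    if (ctx == NULL || sizep == NULL)
        return EINVAL;
    for (int i = 0; i < ctx->n_modules; i++)
        *sizep += ctx->modules[i].ext_size;
    return 0;
}

/* Dispatcher in the style of line 105 of the trace: forwards arg unchanged. */
static int size_opaque(sizer_fn sizer, const void *arg, size_t *sizep)
{
    return sizer ? sizer(arg, sizep) : 0;
}

#define BASE_CTX_SIZE 64u /* constructed size of the fixed part of the token */

/* Caller guard: size the authdata part only when the name carries one. */
static int ctx_size(const struct name *initiator_name, size_t *sizep)
{
    size_t required = BASE_CTX_SIZE;
    int ret = 0;
    if (initiator_name != NULL && initiator_name->ad_context != NULL)
        ret = size_opaque(ad_context_size, initiator_name->ad_context, &required);
    if (ret == 0)
        *sizep = required;
    return ret;
}

int main(void)
{
    struct name no_authdata = { NULL }; /* the case described in the report */
    size_t n = 0;
    int ret = ctx_size(&no_authdata, &n);
    printf("ret=%d size=%zu\n", ret, n);
    return ret;
}
```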