leaking rcache opens in gss_accept_sec_context

Benjamin Coddington bcodding at uvm.edu
Wed Jul 20 08:48:15 EDT 2011


On Jul 20, 2011, at 1:07 AM, Greg Hudson wrote:
> On Tue, 2011-07-19 at 16:21 -0400, Benjamin Coddington wrote:
>> gss_acquire_cred
>> gss_accept_sec_context
>> gss_export_lucid_sec_context
>> gss_delete_sec_context
> 
>> I found that before we got to gss_delete_sec_context(), we had already
>> tried to clean up the context in gss_krb5_export_lucid_sec_context()
>> -> krb5_gss_delete_sec_context(), which fails with G_VALIDATE_FAILED.
>> It also sets the context to GSS_C_NO_CONTEXT, so once we get to
>> gss_delete_sec_context(), context validation fails there too.
> 
> Aha.  Yes, that's the bug you found a reference to.  (And thank you for
> explaining why that bug wasn't resulting in gssd crashes for everyone in
> previous releases.  I had forgotten about the pointer validation code.)
> I've attached the patch which is due for krb5 1.9.2.
> 
> gss_delete_sec_context should be unnecessary when
> gss_export_lucid_sec_context succeeds.  Of course, it's harmless given
> the way GSS handles contexts (nulling out the pointer when they are
> released).
> 
> <patch.txt>

Thank you, Greg.  I can confirm that this fixes the problem we were seeing.

It also fixes a leak when running without '-n', which was less obvious because we didn't open a new handle to the rcache each time.

Ben


