Issue with Kerberos + pam + squid

Alex Baule alexwbaule at
Tue Jan 26 11:39:22 EST 2010

Hi everyone....

Recently, i send to the pam-krb5 developer a email, about  the memory
consume in Kerberos.

In resume, i got this:

"I Use your pam module to do a autentication by squid. Only the
autentication, without set session.
But i got a problem, my enviroment have a lot authentication process, every
time, like 30 auth/sec, and the pam_krb5 is eating every memory available in
last that 1 day.
You can reproduce this, with some script to make conection with squid,
passing the "Proxy-Authorization: Basic [BASE64 (user:password)]", to make
the authentication process."

The answer was:

"That would imply that there's a memory leak somewhere, which is possible,
although last time I ran it through valgrind, all the memory leaks I saw
were in the Kerberos libraries.

How do you know that it's pam_krb5?  By switching it out for basic auth,
it doesn't happen?  (In that case, it may be your Kerberos libraries.)

Could you try running it under valgrind and see where it says that the
memory is leaking from?"

Well, my question is...there is a way to test this, to make shure about the
memory consume ? If is caused by PAM or Kerberos.

Tks !!!!

More information about the krbdev mailing list