[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

keytab code and missing /etc/srvtab

I've spent some time debugging this and I'm getting somewhat lost in the
various levels of indirection so I'm hoping someone more familiar with the
code can spot the problem.  Using the OpenSSH sshd with the gssapi patches
from http://www.sxw.org.uk/computing/patches/openssh.html, the server
process chokes if there is no /etc/srvtab with the attached backtrace.  My
naive fix is in keytab_krb4.c:krb4_kt_end_seq_get at the top to do
    if(c->fd < 0)
        return 0;
since it seems that the memory won't be allocated unless we've got a valid
file descriptor.  However, I suspect something more intelligent should be

#0  0x40257380 in free () from /lib/libc.so.6
#1  0x808a0a0 in krb5_storage_free (sp=0x80c2498) at store.c:105
#2  0x8085f35 in krb4_kt_end_seq_get (context=0x80beaa8, id=0x80c1648, 
    c=0x80c2484) at keytab_krb4.c:222
#3  0x808419d in krb5_kt_end_seq_get (context=0x80beaa8, id=0x80c1648, 
    cursor=0x80c2484) at keytab.c:420
#4  0x8084535 in any_end_seq_get (context=0x80beaa8, id=0x80c1568, 
    cursor=0xbfffc6e8) at keytab_any.c:193
#5  0x808419d in krb5_kt_end_seq_get (context=0x80beaa8, id=0x80c1568, 
    cursor=0xbfffc6e8) at keytab.c:420
#6  0x8083fd8 in krb5_kt_get_entry (context=0x80beaa8, id=0x80c1568, 
    principal=0x80c16a0, kvno=0, enctype=ETYPE_DES_CBC_CRC, entry=0xbfffc754)
    at keytab.c:287
#7  0x8090f7c in krb5_keytab_key_proc (context=0x80beaa8, 
    enctype=ETYPE_DES_CBC_CRC, salt={salttype = KRB5_PW_SALT, saltvalue = {
        length = 37, data = 0x80c1980}}, keyseed=0x80c1760, key=0xbfffc7c0)
    at get_in_tkt_with_keytab.c:57
#8  0x80838e3 in krb5_get_in_cred (context=0x80beaa8, options=10, addrs=0x0, 
    etypes=0x0, ptypes=0x0, preauth=0x0, 
    key_proc=0x8090f30 <krb5_keytab_key_proc>, keyseed=0x80c1760, 
    decrypt_proc=0, decryptarg=0x0, creds=0xbfffe9a4, ret_as_reply=0x0)
    at get_in_tkt.c:766
#9  0x808f3af in krb5_get_init_creds_keytab (context=0x80beaa8, 
    creds=0xbfffea74, client=0x80c1520, keytab=0x80c1568, start_time=0, 
    in_tkt_service=0x0, options=0xbfffea44) at init_creds_pw.c:552
#10 0x4019001e in gss_acquire_cred () from /usr/lib/libgssapi.so.1
#11 0x8078c88 in ssh_gssapi_acquire_cred (ctx=0xbfffeba0) at gss-genr.c:457
#12 0x8078573 in ssh_gssapi_mechanisms (server=1, host=0x0) at gss-genr.c:122
#13 0x8055d63 in do_ssh2_kex () at sshd.c:1462
#14 0x805556e in main (ac=4, av=0xbffff4d4) at sshd.c:1177
#15 0x4020338b in __libc_start_main () from /lib/libc.so.6


..ooOO chris@chiappa.net              | My opinions are my own  OOoo..
..ooOO chris.chiappa@oracle.com       | and certainly not those OOoo..
..ooOO http://www.chiappa.net/~chris/ | of my employer          OOoo..