
gss_get_mic faults if GSS_S_CONTINUE_NEEDED but GSS_C_INTEG_FLAG set

When calling gss_init_sec_context a TGS-REQ/TGS-REP transpires and
GSS_S_CONTINUE_NEEDED is returned with GSS_C_INTEG_FLAG on (and rightly
so). However calling gss_get_mic at this point faults:

  4480: SIGSEGV: Invalid memory reference: SEGV_MAPERR: Address not mapped to object: 0x10
  #4  <signal handler called>
  #5  gss_krb5_get_subkey (context_handle=0x0, key=0xbff8f8dc) at wrap.c:45
  #6  0x00188103 in gss_krb5_get_mic (minor_status=0xbff8fe68, context_handle=0x0, qop_req=0, message_buffer=0xbff8fe60, message_token=0xbff8fe58) at get_mic.c:273
  #7  0x001171fc in gss_get_mic (minor_status=0xbff8fe68, context_handle=0x8ea03b0, qop_req=0, message_buffer=0xbff8fe60, msg_token=0xbff8fe58) at g_sign.c:105

As you can see ctx->internal_ctx_id is NULL:

  104     if (mech->gss_get_mic != NULL)
  105         status = mech->gss_get_mic(minor_status,
  106 /* still NULL even though GSS_C_INTEG_FLAG ready
  107                        ctx->internal_ctx_id,
  108 */
  109                        context_handle,
  110                        (gss_qop_t)qop_req,

If I tweak the code thinking I can just use the supplied non-internal context
handle I get another fault:

  6453: SIGSEGV: Invalid memory reference: SEGV_MAPERR: Address not mapped to object: 0x14
  #5  <signal handler called>
  #6  krb5_auth_con_getlocalsubkey (context=0x8e1acc8, auth_context=0x0, keyblock=0xbfecad78) at auth_context.c:286
  #7  0x0012d074 in gss_krb5_get_subkey (context_handle=0x8e073b0, key=0x8e1acc8) at wrap.c:50
  #8  0x00129103 in gss_krb5_get_mic (minor_status=0xbfecb3b8, context_handle=0x8e073b0, qop_req=0, message_buffer=0xbfecb3b0, message_token=0xbfecb3a8) at get_mic.c:273
  #9  0x00f6e1fa in gss_get_mic (minor_status=0xbfecb3b8, context_handle=0x8e073b0, qop_req=0, message_buffer=0xbfecb3b0, msg_token=0xbfecb3a8) at g_sign.c:105

Similar problem again but it's the context_handle->auth_context that's

   49     } else {
   50     krb5_auth_con_getlocalsubkey(gssapi_krb5_context,
   51                      context_handle->auth_context,
   52                      &skey);
   53     }

So it seems the krb5_auth_context isn't initialized enough to use the
gss_get_mic function.

I've only started to look into this but clearly it means understanding
the gss/krb5 code at a much deeper level than I currently do so I would
greatly appreciate any insight as to how to properly fix the code.

Also, I'm using the mechglue branch. I don't know if this works in the
main branch but my understanding is that mechglue is the future of GSS
so I'm focusing on mechglue.
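The situation described in the message above, as an added example that is not part of the original post or of the krb5 source: RFC 2743 section 1.2.7 says a caller may use per-message services (gss_get_mic, gss_wrap) before gss_init_sec_context returns GSS_S_COMPLETE only if the mechanism has set GSS_C_PROT_READY_FLAG in ret_flags; GSS_C_INTEG_FLAG alone only promises integrity on the finished context. The block models a caller-side readiness check and a hypothetical mechglue-side guard that returns GSS_S_NO_CONTEXT instead of dereferencing a NULL internal_ctx_id. Constant values are the RFC 2744 ones; the types, struct and function names (glue_ctx, guarded_get_mic, per_message_ready, mic_on_unestablished_ctx) are stand-ins, not the real library API.

```c
/* Added example, not code from the original message or from krb5.
 * Models when GSS per-message calls are safe during context
 * establishment and what a NULL-safe mechglue dispatcher would return. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint32_t OM_uint32;

/* Values as defined in RFC 2744. */
#define GSS_C_INTEG_FLAG        32u
#define GSS_C_PROT_READY_FLAG  128u
#define GSS_S_COMPLETE           0u
#define GSS_S_CONTINUE_NEEDED    1u         /* supplementary bit 0 */
#define GSS_S_NO_CONTEXT  (8u << 16)        /* routine error 8 */

/* RFC 2743 s1.2.7: before GSS_S_COMPLETE, per-message protection is
 * usable only if the mechanism advertised GSS_C_PROT_READY_FLAG.
 * GSS_C_INTEG_FLAG says integrity *will* be available on the finished
 * context; it does not say the context is usable yet. */
bool per_message_ready(OM_uint32 major, OM_uint32 ret_flags)
{
    if (major == GSS_S_COMPLETE)
        return true;
    if ((major & GSS_S_CONTINUE_NEEDED) &&
        (ret_flags & GSS_C_PROT_READY_FLAG))
        return true;
    return false;
}

/* Hypothetical model of the mechglue union context: the mechanism's
 * own handle is NULL until the mech returns one. */
struct glue_ctx {
    void *internal_ctx_id;
};

/* Hypothetical mechglue front end for gss_get_mic with the guard the
 * reported crash lacks: fail cleanly instead of passing NULL down. */
OM_uint32 guarded_get_mic(OM_uint32 *minor, struct glue_ctx *ctx)
{
    *minor = 0;
    if (ctx == NULL || ctx->internal_ctx_id == NULL)
        return GSS_S_NO_CONTEXT;
    /* ... would dispatch to mech->gss_get_mic(minor, ctx->internal_ctx_id, ...) */
    return GSS_S_COMPLETE;
}

/* The poster's scenario: a half-established context (internal handle
 * still NULL) handed to gss_get_mic. Returns the status the guard yields. */
OM_uint32 mic_on_unestablished_ctx(void)
{
    struct glue_ctx ctx = { NULL };
    OM_uint32 minor;
    return guarded_get_mic(&minor, &ctx);
}

int main(void)
{
    /* What the message describes: CONTINUE_NEEDED with INTEG_FLAG set. */
    OM_uint32 major = GSS_S_CONTINUE_NEEDED;
    OM_uint32 flags = GSS_C_INTEG_FLAG;

    printf("INTEG only, still continuing: ready=%d\n",
           per_message_ready(major, flags));
    printf("INTEG|PROT_READY, still continuing: ready=%d\n",
           per_message_ready(major, flags | GSS_C_PROT_READY_FLAG));
    printf("guarded gss_get_mic on NULL internal ctx: 0x%x (NO_CONTEXT=0x%x)\n",
           mic_on_unestablished_ctx(), GSS_S_NO_CONTEXT);
    return 0;
}
```

The caller-side rule is the portable one: a mechanism is free not to set GSS_C_PROT_READY_FLAG until establishment completes, in which case the only safe behaviour is to finish the token exchange before signing anything. The mechglue-side guard is a robustness fix, not a substitute for that check.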