[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: heimdal - 0.8rc2 - kinit segfaults
Yes, see the patch in the 12/09/2006 note from Love:
Index: crypto.c
===================================================================
RCS file: /afs/pdc.kth.se/src/packages/kth-krb/SourceRepository/lib/hx509/crypto.c,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -p -u -w -r1.60 -r1.61
--- lib/hx509/crypto.c 6 Dec 2006 10:23:14 -0000 1.60
+++ lib/hx509/crypto.c 9 Dec 2006 12:56:34 -0000 1.61
@@ -1264,6 +1264,7 @@ _hx509_private_key_assign_rsa(hx509_priv
if (key->private_key.rsa)
RSA_free(key->private_key.rsa);
key->private_key.rsa = ptr;
+ key->signature_alg = oid_id_pkcs1_sha1WithRSAEncryption();
key->md = &pkcs1_rsa_sha1_alg;
}
P.S. is this testing with coolkey?
Chandrasekar Kannan wrote:
>
> I'm using Hiemdal -
> ftp://ftp.pdc.kth.se/pub/heimdal/src/snapshots/heimdal-0.8-rc2.tar.gz
>
> I managed finally to compile Hiemdal KDC and have set it up.
> Now I'm trying to do a kinit to get a ticket, and I'm noticing
> that kinit is segfaulting.
>
> [root@magic ~]# /usr/heimdal/bin/kinit -D /etc/pkinit/anchors -C
> PKCS11:/usr/lib/pkcs11/libcoolkeypk11.so
> PIN code for E-Gate 00 00:
> Segmentation fault
>
> Here's the stack trace for that.
>
> [root@rhcs ~]# gdb /usr/heimdal/bin/kinit ./core.9014
> GNU gdb Red Hat Linux (6.5-12.el5rh)
> Copyright (C) 2006 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you
> are
> welcome to change it and/or distribute copies of it under certain
> conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB. Type "show warranty" for details.
> This GDB was configured as "i386-redhat-linux-gnu"...Using host
> libthread_db library "/lib/i686/nosegneg/libthread_db.so.1".
>
>
> warning: Can't read pathname for load map: Input/output error.
> Reading symbols from /lib/libdl.so.2...done.
> Loaded symbols for /lib/libdl.so.2
> Reading symbols from /lib/libcrypto.so.6...done.
> Loaded symbols for /lib/libcrypto.so.6
> Reading symbols from /lib/libcom_err.so.2...done.
> Loaded symbols for /lib/libcom_err.so.2
> Reading symbols from /lib/libcrypt.so.1...done.
> Loaded symbols for /lib/libcrypt.so.1
> Reading symbols from /lib/libresolv.so.2...done.
> Loaded symbols for /lib/libresolv.so.2
> Reading symbols from /lib/i686/nosegneg/libpthread.so.0...done.
> Loaded symbols for /lib/i686/nosegneg/libpthread.so.0
> Reading symbols from /lib/i686/nosegneg/libc.so.6...done.
> Loaded symbols for /lib/i686/nosegneg/libc.so.6
> Reading symbols from /lib/ld-linux.so.2...done.
> Loaded symbols for /lib/ld-linux.so.2
> Reading symbols from /usr/lib/libz.so.1...done.
> Loaded symbols for /usr/lib/libz.so.1
> Reading symbols from /usr/lib/pkcs11/libcoolkeypk11.so...done.
> Loaded symbols for /usr/lib/pkcs11/libcoolkeypk11.so
> Reading symbols from /usr/lib/libckyapplet.so.1...done.
> Loaded symbols for /usr/lib/libckyapplet.so.1
> Reading symbols from /usr/lib/libstdc++.so.6...done.
> Loaded symbols for /usr/lib/libstdc++.so.6
> Reading symbols from /lib/i686/nosegneg/libm.so.6...done.
> Loaded symbols for /lib/i686/nosegneg/libm.so.6
> Reading symbols from /lib/libgcc_s.so.1...done.
> Loaded symbols for /lib/libgcc_s.so.1
> Reading symbols from /usr/lib/libpcsclite.so.1...done.
> Loaded symbols for /usr/lib/libpcsclite.so.1
> Failed to read a valid object file image from memory.
> Core was generated by `/usr/heimdal/bin/kinit -D /etc/pkinit/anchors/ -C
> PKCS11:/usr/lib/pkcs11/libcoo'.
> Program terminated with signal 11, Segmentation fault.
> #0 0x08090da5 in der_heim_oid_cmp (p=0x80d2ed4, q=0x0) at der_cmp.c:39
> 39 if (p->length != q->length)
> (gdb) where
> #0 0x08090da5 in der_heim_oid_cmp (p=0x80d2ed4, q=0x0) at der_cmp.c:39
> #1 0x0807ff21 in find_sig_alg (oid=0x0) at crypto.c:836
> #2 0x0807ff58 in find_keytype (key=<value optimized out>) at crypto.c:2086
> #3 0x08080b6e in hx509_crypto_select (context=0x9aad340, type=1,
> source=0x9ab2718,
> peer=0x0, selected=0xbf84959c) at crypto.c:2120
> #4 0x0807e245 in hx509_cms_create_signed_1 (context=0x9aad340,
> eContentType=0x80d30b4,
> data=0x9ab8748, length=658, digest_alg=0x0, cert=0x9ab2498, peer=0x0,
> anchors=0x0,
> pool=0x9ab00b8, signed_data=0xbf8496e0) at cms.c:980
> #5 0x0806ee5d in _krb5_pk_mk_padata (context=0x9aad008, c=0x9aae060,
> req_body=0xbf84f978,
> nonce=2835618996, md=0x9ab2628) at pkinit.c:154
> #6 0x08062ac9 in krb5_get_init_creds (context=0x9aad008, creds=0xbf851cd4,
> client=0x9aad2a8, prompter=0x8070ea0 <krb5_prompter_posix>, data=0x0,
> start_time=0,
> in_tkt_service=0x0, options=0x9ab5570) at init_creds_pw.c:1026
> #7 0x08063737 in krb5_get_init_creds_password (context=0x9aad008,
> creds=0xbf851cd4,
> client=0x9aad2a8, password=0xbf851bd4 "", prompter=0x8070ea0
> <krb5_prompter_posix>,
> data=0x0, start_time=0, in_tkt_service=0x0, in_options=0x9aae028)
> at init_creds_pw.c:1524
> #8 0x0804c104 in get_new_tickets (context=0x9aad008, principal=0x9aad2a8,
> ccache=0x9aad1d0, ticket_life=0, interactive=1) at kinit.c:591
> #9 0x0804cf57 in main (argc=7, argv=0x80d6b54) at kinit.c:892
> (gdb)
>
>
>
> Any ideas?
>
> thanks.
> --Chandra
>
>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444