From owner-freebsd-stable@FreeBSD.ORG Sat Jul 17 13:41:53 2010 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5CBBB1065677 for ; Sat, 17 Jul 2010 13:41:53 +0000 (UTC) (envelope-from jdc@koitsu.dyndns.org) Received: from qmta08.westchester.pa.mail.comcast.net (qmta08.westchester.pa.mail.comcast.net [76.96.62.80]) by mx1.freebsd.org (Postfix) with ESMTP id 8AFD68FC1A for ; Sat, 17 Jul 2010 13:41:51 +0000 (UTC) Received: from omta01.westchester.pa.mail.comcast.net ([76.96.62.11]) by qmta08.westchester.pa.mail.comcast.net with comcast id j06b1e0010EZKEL581hsWk; Sat, 17 Jul 2010 13:41:52 +0000 Received: from koitsu.dyndns.org ([98.248.41.155]) by omta01.westchester.pa.mail.comcast.net with comcast id j1hq1e0013LrwQ23M1hrVR; Sat, 17 Jul 2010 13:41:52 +0000 Received: by icarus.home.lan (Postfix, from userid 1000) id 322509B425; Sat, 17 Jul 2010 06:41:49 -0700 (PDT) Date: Sat, 17 Jul 2010 06:41:49 -0700 From: Jeremy Chadwick To: Joerg Pulz Message-ID: <20100717134149.GA40907@icarus.home.lan> References: <3FE6787E5CAC4C108C031CA6C8044FE4@rivendell> <20100716092512.GA99365@icarus.home.lan> <20100716110427.GA1939@icarus.home.lan> <20100716111000.GA2501@icarus.home.lan> <7AD0E8F6044245DEA6C218A28F08FB99@rivendell> <20100716122446.GA3241@icarus.home.lan> <20100716135102.GA5625@icarus.home.lan> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.20 (2009-06-14) Cc: Reko Turja , "Mikhail T." , freebsd-stable@freebsd.org, Henrik /KaarPoSoft Subject: Re: openldap client GSSAPI authentication segfaults in fbsd8stablei386 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Jul 2010 13:41:53 -0000 On Sat, Jul 17, 2010 at 08:55:54AM +0200, Joerg Pulz wrote: > i followed this thread so far and searched a little bit about the issue. > I also tested on my machines and came to an interesting point. > First my setup is pretty straight forward. > > Set HEIMDAL_HOME=/usr . > Build security/cyrus-sasl2 (OPTIONS don't matter i think). > Build net/openldap24-sasl-client (select SASL OPTION) > > If you don't have any accessible LDAP server on your net (OpenLDAP > or Windows AD doesn't matter) you have to build and just start one > for yourself. > > Afterwards just try the following command: > > ldapsearch -Ygssapi -h > > Now the interesting point. > On my amd64 system i get this after executing the above command: > > SASL/GSSAPI authentication started > ldap_sasl_interactive_bind_s: Local error (-2) > additional info: SASL(-1): generic failure: GSSAPI Error: > Miscellaneous failure (see text) (unknown mech-code 2 for mech > unknown) > > While on my i386 system i get this: > > SASL/GSSAPI authentication started > Segmentation fault (core dumped) > > A quick look at the gdb bt of the core file looks like this: > > #0 0x28310ef5 in free () from /lib/libc.so.7 > #1 0x283fc972 in gss_release_buffer () from /usr/lib/libgssapi.so.10 > #2 0x283fc37e in gss_release_name () from /usr/lib/libgssapi.so.10 > #3 0x283f8da9 in gss_init_sec_context () from /usr/lib/libgssapi.so.10 > #4 0x283f1a0b in gssapi_client_mech_step () > from /usr/local/lib/sasl2/libgssapiv2.so.2 > #5 0x280ed4f4 in sasl_client_step () from /usr/local/lib/libsasl2.so.2 > > So i think i've hit the same bug all others are experiencing. > It looks like it is a i386 speciality but it can also be pure luck > an amd64. > I found at least one other report on the net which looks very > similar to what i see. i386 == Segmentation fault, amd64 == Error > message. > > Jeremy, is your test system running on amd64 or i386? The test system is amd64. I'm not doubting the issue may be more apparent/easier to occur on i386, but "pure luck on amd64" is a bit surprising. I'll build an i386 version of my testbox and start the procedure over again. -- | Jeremy Chadwick jdc@parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |