From owner-freebsd-stable@FreeBSD.ORG  Sat Jul 17 13:41:53 2010
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5CBBB1065677
	for <freebsd-stable@freebsd.org>; Sat, 17 Jul 2010 13:41:53 +0000 (UTC)
	(envelope-from jdc@koitsu.dyndns.org)
Received: from qmta08.westchester.pa.mail.comcast.net
	(qmta08.westchester.pa.mail.comcast.net [76.96.62.80])
	by mx1.freebsd.org (Postfix) with ESMTP id 8AFD68FC1A
	for <freebsd-stable@freebsd.org>; Sat, 17 Jul 2010 13:41:51 +0000 (UTC)
Received: from omta01.westchester.pa.mail.comcast.net ([76.96.62.11])
	by qmta08.westchester.pa.mail.comcast.net with comcast
	id j06b1e0010EZKEL581hsWk; Sat, 17 Jul 2010 13:41:52 +0000
Received: from koitsu.dyndns.org ([98.248.41.155])
	by omta01.westchester.pa.mail.comcast.net with comcast
	id j1hq1e0013LrwQ23M1hrVR; Sat, 17 Jul 2010 13:41:52 +0000
Received: by icarus.home.lan (Postfix, from userid 1000)
	id 322509B425; Sat, 17 Jul 2010 06:41:49 -0700 (PDT)
Date: Sat, 17 Jul 2010 06:41:49 -0700
From: Jeremy Chadwick <freebsd@jdc.parodius.com>
To: Joerg Pulz <Joerg.Pulz@frm2.tum.de>
Message-ID: <20100717134149.GA40907@icarus.home.lan>
References: <3FE6787E5CAC4C108C031CA6C8044FE4@rivendell>
	<20100716092512.GA99365@icarus.home.lan>
	<EF24D143F0AF49AD9B27F838AFA0A6F4@rivendell>
	<20100716110427.GA1939@icarus.home.lan>
	<20100716111000.GA2501@icarus.home.lan>
	<7AD0E8F6044245DEA6C218A28F08FB99@rivendell>
	<20100716122446.GA3241@icarus.home.lan>
	<B06E2DF2032C480AA3094E2F561911AF@rivendell>
	<20100716135102.GA5625@icarus.home.lan>
	<alpine.BSF.2.00.1007170834400.32465@unqrf.nqzva.sez2>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <alpine.BSF.2.00.1007170834400.32465@unqrf.nqzva.sez2>
User-Agent: Mutt/1.5.20 (2009-06-14)
Cc: Reko Turja <reko.turja@liukuma.net>,
	"Mikhail T." <mi+thun@aldan.algebra.com>, freebsd-stable@freebsd.org,
	Henrik /KaarPoSoft <henrik@kaarposoft.dk>
Subject: Re: openldap client GSSAPI authentication segfaults in
 fbsd8stablei386
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Jul 2010 13:41:53 -0000

On Sat, Jul 17, 2010 at 08:55:54AM +0200, Joerg Pulz wrote:
> i followed this thread so far and searched a little bit about the issue.
> I also tested on my machines and came to an interesting point.
> First my setup is pretty straight forward.
> 
> Set HEIMDAL_HOME=/usr .
> Build security/cyrus-sasl2 (OPTIONS don't matter i think).
> Build net/openldap24-sasl-client (select SASL OPTION)
> 
> If you don't have any accessible LDAP server on your net (OpenLDAP
> or Windows AD doesn't matter) you have to build and just start one
> for yourself.
> 
> Afterwards just try the following command:
> 
> ldapsearch -Ygssapi -h <LDAP server hostname>
> 
> Now the interesting point.
> On my amd64 system i get this after executing the above command:
> 
> SASL/GSSAPI authentication started
> ldap_sasl_interactive_bind_s: Local error (-2)
>         additional info: SASL(-1): generic failure: GSSAPI Error:
> Miscellaneous failure (see text) (unknown mech-code 2 for mech
> unknown)
> 
> While on my i386 system i get this:
> 
> SASL/GSSAPI authentication started
> Segmentation fault (core dumped)
> 
> A quick look at the gdb bt of the core file looks like this:
> 
> #0  0x28310ef5 in free () from /lib/libc.so.7
> #1  0x283fc972 in gss_release_buffer () from /usr/lib/libgssapi.so.10
> #2  0x283fc37e in gss_release_name () from /usr/lib/libgssapi.so.10
> #3  0x283f8da9 in gss_init_sec_context () from /usr/lib/libgssapi.so.10
> #4  0x283f1a0b in gssapi_client_mech_step ()
>    from /usr/local/lib/sasl2/libgssapiv2.so.2
> #5  0x280ed4f4 in sasl_client_step () from /usr/local/lib/libsasl2.so.2
> 
> So i think i've hit the same bug all others are experiencing.
> It looks like it is a i386 speciality but it can also be pure luck
> an amd64.
> I found at least one other report on the net which looks very
> similar to what i see. i386 == Segmentation fault, amd64 == Error
> message.
>
> Jeremy, is your test system running on amd64 or i386?

The test system is amd64.  I'm not doubting the issue may be more
apparent/easier to occur on i386, but "pure luck on amd64" is a bit
surprising.

I'll build an i386 version of my testbox and start the procedure over
again.

-- 
| Jeremy Chadwick                                   jdc@parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |