[Bug 1326500] Re: libgssapi-krb5-2: segfault when mechglue loops endlessly on call to gss_add_cred_from
Hello Sam, or anyone else affected,
Accepted krb5 into trusty-proposed. The package will build now and be
available at http://launchpad.net/ubuntu/+source/krb5/1.12+dfsg-2ubuntu5
in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to
enable and use -proposed. Your feedback will aid us in getting this update
out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed. In either case, details of your testing will help
us make a better decision.
Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance!
** Changed in: krb5 (Ubuntu Trusty)
Status: Triaged => Fix Committed
** Tags added: verification-needed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/1326500
Title:
libgssapi-krb5-2: segfault when mechglue loops endlessly on call to
gss_add_cred_from
Status in “krb5” package in Ubuntu:
Fix Released
Status in “krb5” source package in Trusty:
Fix Committed
Bug description:
There's a bug fixed in krb5 1.12.1+dfsg-2 (just uploaded to Debian) where if a gss-api mechanism is dynamically loaded, and that mechanism uses symbols from libgssapi_krb5, and doesn't provide certain optional entry points added in krb5 1.12, then calling one of those entry points will cause the mechglue to call itself. This results in an endless loop and the process eventually crashes on stack exhaustion.
Unfortunately, one of the entry points, gss_add_cred_from, is going to get called quite commonly.
So, this means that if you're using Ubuntu to develop a GSS-API mechanism or are installing a third party gss-api mechanism, things are going to crash, mostly whenever anyone tries to use gss-api as a server, regardless of whether they intended to use your application.
I'd like to see this fixed in trusty, so I'm giving a detailed repro below. Patch against trusty coming shortly.
Apologies that the repro is a bit involved; there's not a mechanism packaged in Ubuntu that easily exhibits this. However, you really ought to be able to use Ubuntu to develop a GSS mechanism without crashing all your gss apps.
On a stock trusty system, first install the attached mech file as
/usr/etc/gss/mech (yes that's /usr/etc, not /etc) and then run the
following:
sudo add-apt-repository ppa:moonshot/daily
sudo apt-get update
sudo apt-get install bzr libkrb5-dev libradsec-dev libssl-dev libjansson-dev autoconf automake libtool build-essential
bzr branch -r739 lp:moonshot
cd moonshot/
autoreconf -i
./configure --without-opensaml --without-shibresolver
make -j3
sudo make install
sudo apt-get install krb5-gss-samples
gss-server host@localhost
This will segfault.
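Added illustration, not part of the original message and not krb5 source: a self-contained C model of the loop the bug description explains, where a lookup for an optional entry point that the mechanism does not define resolves to the mechglue's own function. All names, the depth cap that stands in for stack exhaustion, and the pointer-comparison guard are assumptions; the message does not say how the actual fix works.

```c
#include <stdio.h>

/* Constructed model, not krb5 source; all names are hypothetical.
 * One optional entry point stands in for gss_add_cred_from. */
typedef int (*entry_fn)(int depth);
struct mech { entry_fn add_cred_from; };
#define MAX_DEPTH 64            /* stand-in for stack exhaustion */
static struct mech *selected;   /* mechanism the glue dispatches to */

/* Glue entry point: forwards the call to the selected mechanism. */
int glue_add_cred_from(int depth)
{
    if (depth >= MAX_DEPTH)
        return -1;              /* the real process would crash here */
    if (selected == NULL || selected->add_cred_from == NULL)
        return 1;               /* entry point reported as absent */
    return selected->add_cred_from(depth + 1);
}

/* Models symbol lookup on the mechanism's handle: a name the mechanism
 * does not define resolves through its dependency, the glue library. */
static entry_fn lookup(entry_fn mech_own)
{
    return mech_own != NULL ? mech_own : glue_add_cred_from;
}

/* Fill the dispatch slot. With noloop set, a result that is the glue's
 * own function counts as "not provided" (assumed guard). */
static void load_mech(struct mech *m, entry_fn mech_own, int noloop)
{
    entry_fn f = lookup(mech_own);
    m->add_cred_from = (noloop && f == glue_add_cred_from) ? NULL : f;
    selected = m;
}

static int mech_impl(int depth) { (void)depth; return 0; }

/* Load a constructed mechanism and make one call through the glue. */
int call_through_glue(int implements, int noloop)
{
    static struct mech m;
    load_mech(&m, implements ? mech_impl : NULL, noloop);
    return glue_add_cred_from(0);
}

int main(void)
{
    printf("%d %d\n", call_through_glue(0, 0), call_through_glue(0, 1));
    return 0;
}
```

A return of -1 marks the point where the model's recursion hit the depth cap; 1 means the glue reported the entry point as absent instead of calling itself.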