[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
getifaddrs/netlink problem
Hi,
when testing heimdal-0.7pre3, we have found problem with getifaddrs()
implementation from lib/roken (on linux. debian stable, but it should be general
linux problem). Program, which was doing krb5_get_in_tkt_with_keytab()
repeatedly, sometimes froze in netlink functions (when reading list of
interfaces). From man 7 netlink I have found that at least on my linux:
Netlink is not a reliable protocol. It tries its best to deliver a
message to its destination(s), but may drop messages when an out of memory
condition or other error occurs.
See attached trace from gdb - it looks like some netlink message was really
lost. Suggested solution would be not use blocking recvmsg() but select()
with timeout and repeat nl_sendreq() in case of problems...
My second question is about krb5_get_in_tkt_with_keytab() function. We have
no-addresses = yes in krb5.conf, so I would expect that getifaddrs() is not
needed to call. However, it's not clear to me how I should set parameter "addrs"
to avoid detection of IP addresses etc. Or is it really needed when doing
as_req?
--
Mirek Ruda
#0 0x40224892 in recvmsg () from /lib/libc.so.6
#1 0x080ad163 in nl_recvmsg (sd=5, request=18, seq=1117986903, buf=0x8111e8
buflen=65536, flags=0xbfffb3f8) at ../../../lib/roken/getifaddrs.c:304
#2 0x080ad1d7 in nl_getmsg (sd=5, request=18, seq=1117986903,
nlhp=0xbfffb444, done=0xbfffb448) at ../../../lib/roken/getifaddrs.c:331
#3 0x080ad351 in nl_getlist (sd=5, seq=1117986903, request=18,
nlm_list=0xbfffb4f4, nlm_end=0xbfffb4f8)
at ../../../lib/roken/getifaddrs.c:387
#4 0x080ad57e in getifaddrs (ifap=0xbfffb568)
at ../../../lib/roken/getifaddrs.c:500
#5 0x08095446 in find_all_addresses (context=0x80ef118, res=0x80f1b60,
flags=14) at ../../../lib/krb5/get_addrs.c:109
#6 0x08095796 in get_addrs_int (context=0x80ef118, res=0x80f1b60, flags=14)
at ../../../lib/krb5/get_addrs.c:233
#7 0x08095866 in krb5_get_all_client_addrs (context=0x80ef118, res=0x80f1b6
at ../../../lib/krb5/get_addrs.c:279
#8 0x08085723 in init_as_req (context=0x80ef118, opts=
{b = {reserved = 0, forwardable = 1, forwarded = 0, proxiable = 0, pro
0, allow_postdate = 0, postdated = 0, unused7 = 0, renewable = 0, unused9 =
unused10 = 0, unused11 = 0, request_anonymous = 0, canonicalize = 0, disable
nsited_check = 0, renewable_ok = 0, enc_tkt_in_skey = 0, renew = 0, validate
}, i = 3220701186}, creds=0xbfffb964, addrs=0x0, etypes=0x0,
ptypes=0xbfffb948, preauth=0x0, key_proc=0x8086070 <krb5_keytab_key_proc
keyseed=0xbfffb8d4, nonce=683628812, a=0xbfffb7dc)
at ../../../lib/krb5/get_in_tkt.c:500
#9 0x08085b52 in krb5_get_in_cred (context=0x80ef118, options=3220701186,
addrs=0x0, etypes=0x0, ptypes=0xbfffb948, preauth=0x0,
key_proc=0x8086070 <krb5_keytab_key_proc>, keyseed=0xbfffb8d4,
decrypt_proc=0, decryptarg=0x0, creds=0xbfffb964, ret_as_reply=0x0)
at ../../../lib/krb5/get_in_tkt.c:664
#10 0x08086041 in krb5_get_in_tkt (context=0x80ef118, options=2, addrs=0x0,
etypes=0x0, ptypes=0xbfffb948, key_proc=0x8086070 <krb5_keytab_key_proc>
keyseed=0xbfffb8d4, decrypt_proc=0, decryptarg=0x0, creds=0xbfffb964,
ccache=0x80f1b08, ret_as_reply=0x0) at ../../../lib/krb5/get_in_tkt.c:80
#11 0x0808614a in krb5_get_in_tkt_with_keytab (context=0x80ef118, options=2,
addrs=0x0, etypes=0x0, pre_auth_types=0xbfffb948, keytab=0x0,
ccache=0x80f1b08, creds=0xbfffb964, ret_as_reply=0x0)
at ../../../lib/krb5/get_in_tkt_with_keytab.c:87