Re: BUG #5121: Segmentation Fault when using pam w/ krb5 - Mailing list pgsql-bugs

From Douglas, Ryan
Subject Re: BUG #5121: Segmentation Fault when using pam w/ krb5
Date
Msg-id 706C25916A1ADD489F69906EC24FC07E026FE01E@vamail02.TheXchange.com
In response to Re: BUG #5121: Segmentation Fault when using pam w/ krb5  (Magnus Hagander <magnus@hagander.net>)
List pgsql-bugs
Tom,
   You were right. According to the trace msg[0] is null.



(gdb) set follow-fork-mode child
(gdb) c
Continuing.
[Thread debugging using libthread_db enabled]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f5a6c2b77b0 (LWP 23208)]
0x0000000000580cf4 in pam_passwd_conv_proc (num_msg=0, msg=0x21015a0,
    resp=0x7fff5955a0b8, appdata_ptr=0x7f20c7) at auth.c:1868
1868    auth.c: No such file or directory.
        in auth.c
(gdb) backtrace
#0  0x0000000000580cf4 in pam_passwd_conv_proc (num_msg=0, msg=0x21015a0,
    resp=0x7fff5955a0b8, appdata_ptr=0x7f20c7) at auth.c:1868
#1  0x00007f59e36f8dd8 in _pam_krb5_conv_call (pamh=<value optimized out>,
    messages=0x2101490, n_prompts=0, responses=0x7fff5955a0b8) at conv.c:99
#2  0x00007f59e36f9b38 in _pam_krb5_generic_prompter (
    context=<value optimized out>, data=0x7fff5955ba30,
    name=<value optimized out>, banner=<value optimized out>, num_prompts=1,
    prompts=<value optimized out>, suppress_password_prompts=1)
    at prompter.c:330
#3  0x00007f59e36f9e10 in _pam_krb5_normal_prompter (context=0x0,
    data=0x21015a0, name=0x7fff5955a0b8 "", banner=0x7f20c7 "",
    num_prompts=0, prompts=0x101010101010101) at prompter.c:409
#4  0x00000031d3660bce in krb5_get_as_key_password (context=0x20fe420,
    client=<value optimized out>, etype=23, prompter=<value optimized out>,
    prompter_data=<value optimized out>, salt=0x7fff5955a950,
    params=0x7fff5955a940, as_key=0x7fff5955a910, gak_data=0x7fff5955ab70)
    at gic_pwd.c:61
#5  0x00000031d3667713 in pa_enc_timestamp (context=0x20fe420,
    request=<value optimized out>, in_padata=<value optimized out>,
    out_padata=0x7fff5955a780, salt=<value optimized out>,
    s2kparams=<value optimized out>, etype=0x7fff5955a99c,
    as_key=0x7fff5955a910,
    prompter=0x7f59e36f9e00 <_pam_krb5_normal_prompter>,
    prompter_data=0x7fff5955ba30,
    gak_fct=0x31d36609f0 <krb5_get_as_key_password>, gak_data=0x7fff5955ab70)
    at preauth2.c:635
#6  0x00000031d3667e0c in krb5_do_preauth (context=<value optimized out>,
    request=0x7fff5955a890, encoded_request_body=<value optimized out>,
    encoded_previous_request=<value optimized out>, in_padata=0x2100ac0,
    out_padata=<value optimized out>, salt=0x7fff5955a950,
    s2kparams=0x7fff5955a940, etype=0x7fff5955a99c, as_key=0x7fff5955a910,
    prompter=0x7f59e36f9e00 <_pam_krb5_normal_prompter>,
    prompter_data=0x7fff5955ba30,
    gak_fct=0x31d36609f0 <krb5_get_as_key_password>, gak_data=0x7fff5955ab70,
    get_data_rock=0x7fff5955a930, opte=0x20fe960) at preauth2.c:1586
#7  0x00000031d365f251 in krb5_get_init_creds (context=0x20fe420,
    creds=<value optimized out>, client=<value optimized out>,
    prompter=<value optimized out>, prompter_data=<value optimized out>,
    start_time=<value optimized out>,
    in_tkt_service=0x7fff5955baa0 "krbtgt/THEXCHANGE.COM@THEXCHANGE.COM",
    options=0x20fe960, gak_fct=0x31d36609f0 <krb5_get_as_key_password>,
    gak_data=0x7fff5955ab70, use_master=0x7fff5955abac,
    as_reply=0x7fff5955aba0) at get_in_tkt.c:1106
#8  0x00000031d3660f18 in krb5_get_init_creds_password (context=0x20fe420,
    creds=<value optimized out>, client=<value optimized out>,
    password=<value optimized out>,
    prompter=0x7f59e36f9e00 <_pam_krb5_normal_prompter>,
    data=<value optimized out>, start_time=0,
    in_tkt_service=0x7fff5955baa0 "krbtgt/THEXCHANGE.COM@THEXCHANGE.COM",
    options=0x20fe960) at gic_pwd.c:139
#9  0x00007f59e36ff571 in v5_get_creds (ctx=0x20fe420,
    pamh=<value optimized out>, creds=<value optimized out>,
    user=<value optimized out>, userinfo=0x20fecf0, options=0x20fe9c0,
    service=0x7f59e3703bf8 "krbtgt", password=0x0, gic_options=0x20fe960,
    prompter=0x7f59e36f9e00 <_pam_krb5_normal_prompter>, result=0x21002d4)
    at v5.c:1014
#10 0x00007f59e36f53cf in pam_sm_authenticate (pamh=0x210f5a0, flags=0,
    argc=<value optimized out>, argv=<value optimized out>) at auth.c:423
#11 0x00000031d0202c1e in _pam_dispatch_aux (
    use_cached_chain=<value optimized out>, resumed=<value optimized out>,
    h=<value optimized out>, flags=<value optimized out>,
    pamh=<value optimized out>) at pam_dispatch.c:110
#12 _pam_dispatch (use_cached_chain=<value optimized out>,
    resumed=<value optimized out>, h=<value optimized out>,
    flags=<value optimized out>, pamh=<value optimized out>)
    at pam_dispatch.c:407
#13 0x00000031d0202500 in pam_authenticate (pamh=0x210f5a0, flags=0)
    at pam_auth.c:34
#14 0x00000000005810d1 in CheckPAMAuth (user=<value optimized out>,
    port=<value optimized out>, password=<value optimized out>) at auth.c:1999
#15 ClientAuthentication (user=<value optimized out>,
    port=<value optimized out>, password=<value optimized out>) at auth.c:430
#16 0x00000000005e035c in BackendInitialize (port=0x20fd460)
    at postmaster.c:3324
#17 0x00000000005e0c3c in BackendStartup (port=<value optimized out>)
    at postmaster.c:3058
#18 ServerLoop (port=<value optimized out>) at postmaster.c:1387
#19 0x00000000005e354d in PostmasterMain (argc=1, argv=0x20b9010)
    at postmaster.c:1040
#20 0x0000000000588900 in main (argc=1, argv=0x20b9010) at main.c:188
(gdb) print num_msg
$1 = 0
(gdb) print msg[0]
$2 = (const struct pam_message *) 0x0
(gdb)

-----Original Message-----
From: Magnus Hagander [mailto:magnus@hagander.net]
Sent: Friday, October 16, 2009 2:05 PM
To: Tom Lane
Cc: Douglas, Ryan; pgsql-bugs
Subject: Re: [BUGS] BUG #5121: Segmentation Fault when using pam w/ krb5

2009/10/16 Tom Lane <tgl@sss.pgh.pa.us>:
> I wrote:
>> The best idea I can come up with is that the conv_proc is being called
>> with zero messages and is dumping core because it tries to print the
>> contents of msg[0].  However, it's far from clear why libpam would
>> bother to call it with zero messages.
>
> Hah --- found it.  (Man, it is so nice working with open source that
> you can actually look at...)  prompter.c in pam_krb5 has
>
>                /* Skip any prompt for which the supplied default answer is the
>                 * previously-entered password -- it's just a waste of the
>                 * user's time.  */
>
> So it definitely is possible to call our proc with zero messages, and
> whether this will happen or not is probably dependent on the behavior
> of the KDC, and even then, ereport might or might not dump core depending
> on the contents of the not-allocated msg[0] array member.
>
> I will go and rewrite this function to look more like openssh's,
> on the assumption that their version is probably pretty well battle
> tested.

Yeah, that sounds like a reasonable thing to do.

-- 
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/
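
The condition in the trace above (a PAM conversation callback entered with num_msg = 0 and msg[0] = NULL) and a count check that rejects it before any msg[i] is read, as an added example; it is not part of this thread and is not PostgreSQL's or OpenSSH's code. `safe_passwd_conv` is a hypothetical name, and the structs and constants are local stand-ins for the Linux-PAM declarations so that it builds without libpam.

```c
#include <stdlib.h>
#include <string.h>

/* Local stand-ins for the Linux-PAM declarations, so this builds without
 * libpam; real code includes <security/pam_appl.h> instead. */
struct pam_message  { int msg_style; const char *msg; };
struct pam_response { char *resp; int resp_retcode; };
enum { PAM_SUCCESS = 0, PAM_BUF_ERR = 5, PAM_CONV_ERR = 19,
       PAM_PROMPT_ECHO_OFF = 1, PAM_MAX_NUM_MSG = 32 };

/* Hypothetical callback: answers every echo-off prompt with the password
 * passed in appdata_ptr and never reads msg[i] unless i < num_msg. */
static int safe_passwd_conv(int num_msg, const struct pam_message **msg,
                            struct pam_response **resp, void *appdata_ptr)
{
    const char *password = appdata_ptr;
    struct pam_response *reply;
    int i;

    if (resp == NULL)
        return PAM_CONV_ERR;
    *resp = NULL;
    /* The call in the trace (num_msg = 0, msg[0] = NULL) stops here. */
    if (num_msg <= 0 || num_msg > PAM_MAX_NUM_MSG || !msg || !password)
        return PAM_CONV_ERR;
    reply = calloc((size_t) num_msg, sizeof(*reply));
    if (reply == NULL)
        return PAM_BUF_ERR;
    for (i = 0; i < num_msg; i++) {
        size_t len = strlen(password) + 1;
        /* NULL slot, unexpected style or failed allocation: give up. */
        if (!msg[i] || msg[i]->msg_style != PAM_PROMPT_ECHO_OFF ||
            (reply[i].resp = malloc(len)) == NULL)
            goto fail;
        memcpy(reply[i].resp, password, len);
    }
    *resp = reply;
    return PAM_SUCCESS;
fail:
    while (i-- > 0)
        free(reply[i].resp);    /* release the answers already built */
    free(reply);
    return PAM_CONV_ERR;
}

int main(void)
{
    const struct pam_message *none[1] = { NULL };  /* constructed input */
    struct pam_response *r = NULL;
    return safe_passwd_conv(0, none, &r, "pw") == PAM_CONV_ERR ? 0 : 1;
}
```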
