From Newsgroup: muc.lists.freebsd.ports
--000000000000686afa0644592046
Content-Type: text/plain; charset="UTF-8"
Hi - I maintain a Golang binding to C GSSAPI libraries (
https://github.com/golang-auth/go-gssapi-c). I added FBSD 15 as a test
target recently and have noticed crashes using Heimdal from ports on that platform.
I notice that libraries from /usr/lib are loaded into the process I think because of the references in /etc/gss/mech. My working assumption is that
this used to work prior to FBSD 15 because those libraries would also be Heimdal (from the base system) but now doesn't since those are MIT
libraries. Does that make any sense?
0x00000000402dd76c in gss_release_cred () from /usr/local/lib/heimdal/libgssapi.so.3
(gdb) bt
#0 0x00000000402dd76c in gss_release_cred () from /usr/local/lib/heimdal/libgssapi.so.3
#1 0x0000000041c493e0 in gss_acquire_cred_from () from /usr/lib/libgssapi_krb5.so.122
#2 0x0000000041c49328 in gss_acquire_cred () from /usr/lib/libgssapi_krb5.so.122
#3 0x00000000402d5fb4 in gss_acquire_cred () from /usr/local/lib/heimdal/libgssapi.so.3
#4 0x0000000000210a04 in main () at gsstest.c:49
The test program:
1 #include <stdio.h>
2 #include <string.h>
3 #include <gssapi/gssapi.h>
4
5
6
7 static void display_status_1(char *m, OM_uint32 code, int type)
8 {
9 OM_uint32 min_stat;
10 gss_buffer_desc msg;
11 OM_uint32 msg_ctx;
12
13 msg_ctx = 0;
14 while (1) {
15 gss_display_status(&min_stat, code,
16 type, GSS_C_NULL_OID,
17 &msg_ctx, &msg);
18 printf("GSS-API error %s: %s\n", m,
19 (char *)msg.value);
20 (void) gss_release_buffer(&min_stat, &msg);
21
22 if (!msg_ctx)
23 break;
24 }
25 }
26
27 void display_status(char *msg, OM_uint32 maj_stat, OM_uint32
min_stat)
28 {
29 display_status_1(msg, maj_stat, GSS_C_GSS_CODE);
30 display_status_1(msg, min_stat, GSS_C_MECH_CODE);
31 }
32
33 int main() {
34 gss_buffer_desc name_buf;
35 gss_name_t server_name;
36 OM_uint32 maj_stat, min_stat;
37 gss_cred_id_t server_creds = GSS_C_NO_CREDENTIAL;
38
39 name_buf.value = "
rack@foo.golang-auth.io";
40 name_buf.length = strlen(name_buf.value) + 1;
41 maj_stat = gss_import_name(&min_stat, &name_buf,
42 (gss_OID) GSS_C_NT_HOSTBASED_SERVICE, &server_name);
43 if (maj_stat != GSS_S_COMPLETE) {
44 printf("importing name failed: %d\n", maj_stat);
45 display_status("importing name", maj_stat, min_stat);
46 return -1;
47 }
48
49 maj_stat = gss_acquire_cred(&min_stat, server_name, 0,
50 GSS_C_NULL_OID_SET, GSS_C_ACCEPT,
51 &server_creds, NULL, NULL);
52 if (maj_stat != GSS_S_COMPLETE) {
53 printf("acquiring credentials failed: %d\n", maj_stat);
54 display_status("acquiring credentials", maj_stat,
min_stat);
55 return -1;
56 }
57
58 (void) gss_release_name(&min_stat, &server_name);
59
60 printf("OK! %p\n", server_creds);
61 return 0;
62 }
Perhaps I'm doing something wrong also..
Regards,
Jake
--000000000000686afa0644592046
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_quote gmail_quote_container"><div>Hi -=
I maintain a Golang binding to C GSSAPI libraries (<a href=3D"
https://gith= ub.com/golang-auth/go-gssapi-c" target=3D"_blank">
https://github.com/golang= -auth/go-gssapi-c</a>).=C2=A0 I added FBSD 15 as a test target recently and=
have noticed crashes using Heimdal from ports on that platform.</div><div = dir=3D"ltr"><br>I notice that libraries from /usr/lib are loaded into the p= rocess I think because of the references in /etc/gss/mech.=C2=A0 My working=
assumption is that this used to work prior to FBSD 15 because those librar= ies would also be Heimdal (from the base system) but now doesn't since = those are MIT libraries.=C2=A0 Does that make any sense?<br><br>0x000000004= 02dd76c in gss_release_cred () from /usr/local/lib/heimdal/libgssapi.so.3</= div><div dir=3D"ltr">(gdb) bt</div><div dir=3D"ltr">#0 0x00000000402dd76c i=
n gss_release_cred () from /usr/local/lib/heimdal/libgssapi.so.3=C2=A0</div= ><div dir=3D"ltr">#1 0x0000000041c493e0 in gss_acquire_cred_from () from /u= sr/lib/libgssapi_krb5.so.122=C2=A0</div><div dir=3D"ltr">#2 0x0000000041c49= 328 in gss_acquire_cred () from /usr/lib/libgssapi_krb5.so.122=C2=A0</div><= div dir=3D"ltr">#3 0x00000000402d5fb4 in gss_acquire_cred () from /usr/loca= l/lib/heimdal/libgssapi.so.3=C2=A0</div><div dir=3D"ltr">#4 0x0000000000210= a04 in main () at gsstest.c:49<br><br>The test program:<br><div>=C2=A0 =C2=
=A0 =C2=A01 =C2=A0#include <stdio.h><br>=C2=A0 =C2=A0 =C2=A02 =C2=A0#= include <string.h><br>=C2=A0 =C2=A0 =C2=A03 =C2=A0#include <gssapi= /gssapi.h><br>=C2=A0 =C2=A0 =C2=A04<br>=C2=A0 =C2=A0 =C2=A05<br>=C2=A0 = =C2=A0 =C2=A06<br>=C2=A0 =C2=A0 =C2=A07 =C2=A0static void display_status_1(= char *m, OM_uint32 code, int type)<br>=C2=A0 =C2=A0 =C2=A08 =C2=A0{<br>=C2=
=A0 =C2=A0 =C2=A09 =C2=A0 =C2=A0 =C2=A0 OM_uint32 min_stat;<br>=C2=A0 =C2=
=A0 10 =C2=A0 =C2=A0 =C2=A0 gss_buffer_desc msg;<br>=C2=A0 =C2=A0 11 =C2=A0=
=C2=A0 =C2=A0 OM_uint32 msg_ctx;<br>=C2=A0 =C2=A0 12<br>=C2=A0 =C2=A0 13 = =C2=A0 =C2=A0 =C2=A0 msg_ctx =3D 0;<br>=C2=A0 =C2=A0 14 =C2=A0 =C2=A0 =C2=
=A0 while (1) {<br>=C2=A0 =C2=A0 15 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0gss_display_status(&min_stat, code,<br>=C2=A0 =C2=A0 16 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 type, GSS_C_NULL_OI= D,<br>=C2=A0 =C2=A0 17 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 &msg_ctx, &msg);<br>=C2=A0 =C2=A0 18 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0printf("GSS-API error %s: %s\n", m,<br>=C2=A0=
=C2=A0 19 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0(char *)msg.value);<br>=C2=A0 =C2=A0 20 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0(void) gss_release_buffer(&min_stat, &ms= g);<br>=C2=A0 =C2=A0 21<br>=C2=A0 =C2=A0 22 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0if (!msg_ctx)<br>=C2=A0 =C2=A0 23 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 break;<br>=C2=A0 =C2=A0 24 =C2=A0 =C2=A0 =C2=A0 }<= br>=C2=A0 =C2=A0 25 =C2=A0}<br>=C2=A0 =C2=A0 26<br>=C2=A0 =C2=A0 27 =C2=A0v= oid display_status(char *msg, OM_uint32 maj_stat, OM_uint32 min_stat)<br>= =C2=A0 =C2=A0 28 =C2=A0{<br>=C2=A0 =C2=A0 29 =C2=A0 =C2=A0 =C2=A0 display_s= tatus_1(msg, maj_stat, GSS_C_GSS_CODE);<br>=C2=A0 =C2=A0 30 =C2=A0 =C2=A0 = =C2=A0 display_status_1(msg, min_stat, GSS_C_MECH_CODE);<br>=C2=A0 =C2=A0 3=
1 =C2=A0}<br>=C2=A0 =C2=A0 32<br>=C2=A0 =C2=A0 33 =C2=A0int main() {<br>=C2= =A0 =C2=A0 34 =C2=A0 =C2=A0 =C2=A0gss_buffer_desc name_buf;<br>=C2=A0 =C2=
=A0 35 =C2=A0 =C2=A0 =C2=A0gss_name_t server_name;<br>=C2=A0 =C2=A0 36 =C2=
=A0 =C2=A0 =C2=A0OM_uint32 maj_stat, min_stat;<br>=C2=A0 =C2=A0 37 =C2=A0 = =C2=A0 =C2=A0gss_cred_id_t server_creds =3D GSS_C_NO_CREDENTIAL;<br>=C2=A0 = =C2=A0 38<br>=C2=A0 =C2=A0 39 =C2=A0 =C2=A0 =C2=A0name_buf.value =3D "=
<a href=3D"mailto:
rack@foo.golang-auth.io" target=3D"_blank">
rack@foo.golan= g-auth.io</a>";<br>=C2=A0 =C2=A0 40 =C2=A0 =C2=A0 =C2=A0name_buf.lengt=
h =3D strlen(name_buf.value) + 1;<br>=C2=A0 =C2=A0 41 =C2=A0 =C2=A0 =C2=A0m= aj_stat =3D gss_import_name(&min_stat, &name_buf,<br>=C2=A0 =C2=A0 =
42 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0(gss_OID) GSS_C_NT_HOSTBASED_SERVICE, = &server_name);<br>=C2=A0 =C2=A0 43 =C2=A0 =C2=A0 =C2=A0if (maj_stat !=
=3D GSS_S_COMPLETE) {<br>=C2=A0 =C2=A0 44 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0printf("importing name failed: %d\n", maj_stat);<br>=C2=A0 =C2= =A0 45 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0display_status("importing nam= e", maj_stat, min_stat);<br>=C2=A0 =C2=A0 46 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0return -1;<br>=C2=A0 =C2=A0 47 =C2=A0 =C2=A0 =C2=A0}<br>=C2=A0 = =C2=A0 48<br>=C2=A0 =C2=A0 49 =C2=A0 =C2=A0 =C2=A0maj_stat =3D gss_acquire_= cred(&min_stat, server_name, 0,<br>=C2=A0 =C2=A0 50 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0GSS_C_NULL_OID_SET, GSS_C_ACCEPT,<br>=C2=A0 =C2=
=A0 51 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0&server_creds, NULL=
, NULL);<br>=C2=A0 =C2=A0 52 =C2=A0 =C2=A0 =C2=A0if (maj_stat !=3D GSS_S_CO= MPLETE) {<br>=C2=A0 =C2=A0 53 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 printf(&qu= ot;acquiring credentials failed: %d\n", maj_stat);<br>=C2=A0 =C2=A0 54=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 display_status("acquiring credenti= als", maj_stat, min_stat);<br>=C2=A0 =C2=A0 55 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 return -1;<br>=C2=A0 =C2=A0 56 =C2=A0 =C2=A0 =C2=A0}<br>=C2=
=A0 =C2=A0 57<br>=C2=A0 =C2=A0 58 =C2=A0 =C2=A0 =C2=A0(void) gss_release_na= me(&min_stat, &server_name);<br>=C2=A0 =C2=A0 59<br>=C2=A0 =C2=A0 6=
0 =C2=A0 =C2=A0 =C2=A0printf("OK! %p\n", server_creds);<br>=C2=A0=
=C2=A0 61 =C2=A0 =C2=A0 =C2=A0return 0;<br>=C2=A0 =C2=A0 62 =C2=A0}</div><= div><br></div><div>Perhaps I'm doing something wrong also..</div><div><= br></div><div><br></div><div>Regards,</div><div><br></div><div>Jake</div><d= iv><br></div></div>
</div></div>
--000000000000686afa0644592046--
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to
news-admin@muc.de
--- Synchronet 3.21a-Linux NewsLink 1.2