When using saslauthd with the kerberos5 authentication mechanism, if we have no "host/..." key in /etc/krb5.keytab, saslauthd fails complaining about invalid pointer. I've tested this with testsaslauthd. Reproducible: Always Steps to Reproduce: 1. Emerge cyrus-sasl mit-krb5 2. Create kerberos database and add user (this involves a few steps, contact me if you need further directions) 3. Run saslauthd -a kerberos5 -d 4. Run testsaslauthd -u user -p password (testsaslauthd is not built by default, I built it from cyrus-sasl sources) Actual Results: saslauthd fails with the following message: free(): invalid pointer 0xbffff1f8! saslauthd[22874] :do_auth : auth failure: [user=user] [service=imap] [realm=] [mech=kerberos5] [reason=saslauthd internal error] Expected Results: saslauthd should hava authenticated the user with no problem Portage 2.0.50-r7 (default-x86-1.4, gcc-3.3.2, glibc-2.3.2-r9, 2.4.25-gentoo-r2) ================================================================= System uname: 2.4.25-gentoo-r2 i686 AMD Athlon(tm) Processor Gentoo Base System version 1.4.10 Autoconf: sys-devel/autoconf-2.59-r3 Automake: sys-devel/automake-1.8.3 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CFLAGS="-march=athlon -O3 -pipe -mmmx -m3dnow" CHOST="i686-pc-linux-gnu" COMPILER="gcc3" CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/lib/jboss /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O2 -mcpu=i686 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoaddcvs ccache sandbox" GENTOO_MIRRORS="http://gentoo.oregonstate.edu http://distro.ibiblio.org/pub/Linux/distributions/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="apache2 apm arts avi berkdb crypt cups doc encode flash foomaticdb gd gdbm gif gpm gtk2 imap imlib innodb java jpeg kerberos lcms ldap libg++ libwww mad maildir mcalc mikmod motif mpeg mysql ncurses nls oggvorbis opengl oss pam pdflib perl png postgres ppds python quicktime readline samba sasl sdl slang slp spell ssl svga tcpd tetex tiff truetype virus-scan x86 xml xml2 xmms xv zlib" This error has been reported and solved, you may take a look at the following links: http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=5641 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=123898 https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=100419&action=view
I forgot... POSSIBLE WORKAROUND ------------------- Include the name of your host as a host/hostname.domain in your /etc/krb5.keytab: kadmin.local -q "addprinc -randkey host/hostname.domain" kadmin.local -q "ktadd host/hostname.domain"
the https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=100419&action=view patch works for you?
I have no experience applying patches, so I'm now working with the proposed workaround. If you really need me to test the patch, could you please give me some advice? Thanks
the patch is to cyrus-sasl, so giving this to net-mail team. not sure if the bug is even valid any more.
Please reopen if this is still a problem. Thank you.
