Hi - I maintain a Golang binding to C GSSAPI libraries (
https://github.com/golang-auth/go-gssapi-c). I added FBSD 15 as a test
target recently and have noticed crashes using Heimdal from ports on that
platform.
I notice that libraries from /usr/lib are loaded into the process I think
because of the references in /etc/gss/mech. My working assumption is that
this used to work prior to FBSD 15 because those libraries would also be
Heimdal (from the base system) but now doesn't since those are MIT
libraries. Does that make any sense?
0x00000000402dd76c in gss_release_cred () from
/usr/local/lib/heimdal/libgssapi.so.3
(gdb) bt
#0 0x00000000402dd76c in gss_release_cred () from
/usr/local/lib/heimdal/libgssapi.so.3
#1 0x0000000041c493e0 in gss_acquire_cred_from () from
/usr/lib/libgssapi_krb5.so.122
#2 0x0000000041c49328 in gss_acquire_cred () from
/usr/lib/libgssapi_krb5.so.122
#3 0x00000000402d5fb4 in gss_acquire_cred () from
/usr/local/lib/heimdal/libgssapi.so.3
#4 0x0000000000210a04 in main () at gsstest.c:49
The test program:
1 #include <stdio.h>
2 #include <string.h>
3 #include <gssapi/gssapi.h>
4
5
6
7 static void display_status_1(char *m, OM_uint32 code, int type)
8 {
9 OM_uint32 min_stat;
10 gss_buffer_desc msg;
11 OM_uint32 msg_ctx;
12
13 msg_ctx = 0;
14 while (1) {
15 gss_display_status(&min_stat, code,
16 type, GSS_C_NULL_OID,
17 &msg_ctx, &msg);
18 printf("GSS-API error %s: %s\n", m,
19 (char *)msg.value);
20 (void) gss_release_buffer(&min_stat, &msg);
21
22 if (!msg_ctx)
23 break;
24 }
25 }
26
27 void display_status(char *msg, OM_uint32 maj_stat, OM_uint32
min_stat)
28 {
29 display_status_1(msg, maj_stat, GSS_C_GSS_CODE);
30 display_status_1(msg, min_stat, GSS_C_MECH_CODE);
31 }
32
33 int main() {
34 gss_buffer_desc name_buf;
35 gss_name_t server_name;
36 OM_uint32 maj_stat, min_stat;
37 gss_cred_id_t server_creds = GSS_C_NO_CREDENTIAL;
38
39 name_buf.value = "[email protected]";
40 name_buf.length = strlen(name_buf.value) + 1;
41 maj_stat = gss_import_name(&min_stat, &name_buf,
42 (gss_OID) GSS_C_NT_HOSTBASED_SERVICE, &server_name);
43 if (maj_stat != GSS_S_COMPLETE) {
44 printf("importing name failed: %d\n", maj_stat);
45 display_status("importing name", maj_stat, min_stat);
46 return -1;
47 }
48
49 maj_stat = gss_acquire_cred(&min_stat, server_name, 0,
50 GSS_C_NULL_OID_SET, GSS_C_ACCEPT,
51 &server_creds, NULL, NULL);
52 if (maj_stat != GSS_S_COMPLETE) {
53 printf("acquiring credentials failed: %d\n", maj_stat);
54 display_status("acquiring credentials", maj_stat,
min_stat);
55 return -1;
56 }
57
58 (void) gss_release_name(&min_stat, &server_name);
59
60 printf("OK! %p\n", server_creds);
61 return 0;
62 }
Perhaps I'm doing something wrong also..
Regards,
Jake
