Hi Randell, This is my observaion,but I am not sure.Can you confirm me about this.
The new version of qpopper-4.0.13 is having this function "pam_setcred (pamh, PAM_DELETE_CRED)" at line 564 in popper/pop_pass.c file.If we commment this line then qpopper with pam is working on all platforms.The pam_sercred function of pam is trying to return message array of three(that is the reason why num_msg =3),whereas the qpopper conversation function is handling when num_msg=1 and cribbing when num_msg is more than 1.That is the reason why (char *) msg[0]->msg is showing the "Removing root credentials would break the rpc services that" message whereas (char *) msg[1]->msg is showing bad address Thanks & Regards, Ravindranath ________________________________ From: Randall Gellens [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 09, 2008 6:54 AM To: Ravindranath, Chavalam Cc: [email protected] Subject: Re: Qpopper failure while using with pam option enabled At 9:21 AM +0000 4/8/08, Chavalam Ravindranath wrote: Hi, I have built qpopper(4.0.9) on hpux 11.11 using --with-pam option. But when I try to test this I am getting the following o/p. # telnet localhost 110 Trying... Connected to localhost. Escape character is '^]'. +OK Qpopper (version 4.0.9) at skoda.ind.hp.com starting. user test +OK Password required for test. pass test Connection closed by foreign host. when I debugged with gdb backtrace looks like this #0 0x1bf50 in PAM_qpopper_conv (num_msg=3, msg=0x7f7f6598, resp=0x7f7f6520, appdata_ptr=0x7f7f0bb8) at pop_pass.c:442 #1 0x7aeb5f10 in __pam_input_output+0x128 () from /usr/lib/libpam.1 #2 0x7aeb5d90 in __pam_display_msg+0x24 () from /usr/lib/libpam.1 #3 0x7ad89fb8 in pam_sm_setcred+0x2e8 () from /usr/lib/security/libpam_unix.1 #4 0x7aeb3a90 in pam_setcred+0xec () from /usr/lib/libpam.1 #5 0x1c754 in auth_user (p=0x7f7f0bb8, pw=0x7f7f1d24) at pop_pass.c:564 #6 0x1ca68 in pop_pass (p=0x7f7f0bb8) at pop_pass.c:1261 #7 0x237f0 in qpopper (argc=1, argv=0x7f7f09ec) at popper.c:349 #8 0x30d1c in main (argc=1, argv=0x7f7f09ec) at main.c:168 the msg structure(second argument for PAM_qpopper_conv) is generated within __pam_input_output with num_msg=3 .msg[1] is showing bad address (gdb) p (char *) msg[0]->msg $26 = 0x7f7f2498 "Removing root credentials would break the rpc services that" (gdb) p (char *) msg[1]->msg Error accessing memory address 0x4: Bad address. In libpam library,msg structure is created properly but PAM_qpopper_conv is unable to access the msg memory structure When I gave wrong password I am getting this error # telnet localhost 110 Trying... Connected to localhost. Escape character is '^]'. +OK Qpopper (version 4.0.9) at skoda.ind.hp.com starting. user test +OK Password required for test. pass test1 -ERR [AUTH] PAM authentication failed for user "test": Authentication failed (9) +OK Pop server at skoda.ind.hp.com signing off. Connection closed by foreign host. Seems it is authenticating but not able to read the msg structure Hope you can help me to fix this issue or do I need to send any additional information regard this issue. Thanks & Regards, Ravindranath I'm puzzled. Did you build from the original 4.0.9 sources or from a package? I'm wondering if perhaps there is a problem with a library mismatch from a precompiled or intermediate file? You could try building 4.0.11 to see if it is better. I'd also suggest getting a Qpopper trace just to see what it shows. To enable tracing in Qpopper: 1. Do a 'make clean' 2. Re-run ./configure, adding '--enable-debugging'. 3. Edit the inetd.conf line for Qpopper, adding '-d' or '-t <tracefile-path>'. 4. Send inetd (or xinetd) a HUP signal. (Steps 3 and 4 are only needed if you use inetd (or xinetd). In standalone mode, you can add '-d' or '-t <tracefile-path>' to the command line directly.) (In either standalone or inetd mode, if you use a configuration file you can add 'set debug' or 'set tracefile = <tracefile>' to either a global or user-specific configuration file instead of steps 3 and 4.) This causes detailed tracing to be written to the syslog or to the file specified as 'tracefile'. If you're still getting a crash, I'd suggest a kernel trace using ktrace(1) or whatever is the HPUX tool. Normally, the way to do this is to modify the inetd or xinetd line to run qpopper via ktrace, usually on a different port so as to not affect production users (unless this is on a test system). For standalone on a test system, also run qpopper from ktrace.
