[16677] in Kerberos_V5_Development
Re: securid_sam2 plugin
daemon@ATHENA.MIT.EDU (John Devitofranceschi)
Wed Mar 9 21:45:42 2011
Date: Wed, 09 Mar 2011 21:45:37 -0500
From: John Devitofranceschi <jdvf@optonline.net>
In-reply-to: <4D7789CD.4030309@redhat.com>
To: "krbdev@mit.edu Dev List" <krbdev@mit.edu>
Message-id: <A3DAA3BE-856D-431F-A85E-251009E00520@optonline.net>
MIME-version: 1.0
Content-Type: multipart/mixed; boundary="===============0703248156=="
Errors-To: krbdev-bounces@mit.edu
--===============0703248156==
Content-type: multipart/signed; boundary=Apple-Mail-2--704609121;
protocol="application/pkcs7-signature"; micalg=sha1
--Apple-Mail-2--704609121
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
On Mar 9, 2011, at 9:08 AM, Dmitri Pal wrote:
> On 03/08/2011 06:51 PM, John Devitofranceschi wrote:
>> =09
>>=20
>> I have been wrestling with the securid_sam2 pluginfrom krb5 1.9 on a =
Solaris 10 (Update 7) x86 system, using version 8.1 of the RSA =
Authentication Agent API.
>>=20
>> No matter what I do, the plugin causes krb5kdc to crash (SIGSEGV with =
core) during the AceInitialze call, while gathering entropy from the =
system. =20
>>=20
>> Is this a configuration that is known to work? Which versions of the =
API have been tested?
>>=20
>> jd
>>=20
>=20
> Does AceInitialize work on the same machine from a simple test =
program?
> Running such test would allow you to better sort out who is at fault.
>=20
>=20
>=20
I did run this test and it worked fine. I then proceeded to work =
towards making my simple test program blow up in the same way as =
krb5kdc.
I was successful.
I reproduced the failure by creating a little plugin .so that implements =
a function runAI() which simply calls AceInitialze()
I then implemented a small program which dlopen()'s my plugin as well =
as the other standard plugins that krb5kdc loads.
When the dlopen()s use the flag RTLD_LAZY, the call to runAI() works.
When RTLD_NOW is used in all the dlopen()s, AceInitialze() gets a =
SIGSEGV.
In the morning I will debug further.
jd
--Apple-Mail-2--704609121--
--===============0703248156==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
--===============0703248156==--
