[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#453241: still broken (and partly openssh's fault)

Brian May <bam@snoopy.debian.net> writes:

> Can I please confirm what version of Heimdal you are using? The initial
> bug report seemed to quote the old version in testing, but here you seem
> to indicate the latest version in unstable. I just want to make sure.
> As far as I can tell, all exported symbols from libkrb5.24.0.0 use
> HEIMDAL_KRB5_1.0 for the versioned symbol name.

I'll check again tonight on amd64.  The problem is specifically on amd64;
if you're checking on i386, you may not see it.  I wasn't seeing any
symbol versioning in readelf.

> If OpenSSH is linked against MIT Kerberos, like you say, then simply
> proving that the segfault occurs inside MIT Kerberos is insufficient,
> unfortunately, because we have to expect OpenSSH may call MIT Kerberos
> functions at some point.

According to valgrind, the backtrace showed the segfaults definitely in
functions called by libpam-heimdal, not by openssh itself.  I'll include
the backtrace when I get home and can reproduce it.

gdb doesn't produce a usable backtrace (probably because of the library
confusion).  Only valgrind would work for me, and only with a rebuilt
libpam-heimdal with debugging information.

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: