[20213] in Kerberos_V5_Development
Re: MIT Kerberos using invalid in-memory credential cache
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Dec 30 12:14:01 2020
To: Vipul Mehta <vipulmehta.1989@gmail.com>, <krbdev@mit.edu>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <66a6e54e-7295-7e09-a730-7c6bbefeb2bd@mit.edu>
Date: Wed, 30 Dec 2020 12:13:49 -0500
MIME-Version: 1.0
In-Reply-To: <CAMeQEL_sFnvn+nHYZPCZc+7E7_nDDMLm=9iV5XaV9guyT5GErA@mail.gmail.com>
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On 12/29/20 7:21 AM, Vipul Mehta wrote:
> I see that some fix has been done in newer version :
> https://github.com/krb5/krb5/commit/146dadec8fe7ccc4149eb2e3f577cc320aee6efb#diff-8f14845d698c6c1242bf1288e7bfec3db113dd57279601af016ec0df4a20949e
>
> Will it help ? How to debug this issue further in our service ?
It might. One of the bugs fixed in that commit is that two simultaneous
references to the same memory cache would cause one of the references to
become a dangling pointer when the other is destroyed. I'm not sure how
upgrading curl would lead to that scenario, though.
If you choose to backport this commit, note that it contained a bug,
described here:
https://krbdev.mit.edu/rt/Ticket/Display.html?id=8771
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
