NetBSD Problem Report #48718
From hannken@mini.local Sun Apr 6 07:50:52 2014
Return-Path: <hannken@mini.local>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
(using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
by mollari.NetBSD.org (Postfix) with ESMTPS id 6CDE7A5806
for <gnats-bugs@gnats.NetBSD.org>; Sun, 6 Apr 2014 07:50:52 +0000 (UTC)
Message-Id: <20140406075049.277312D14A9@mini.local>
Date: Sun, 6 Apr 2014 09:50:48 +0200 (CEST)
From: hannken@mini.local (J. Hannken-Illjes)
To: gnats-bugs@gnats.NetBSD.org
Subject: Heimdal leaks file descriptors
>Number: 48718
>Category: lib
>Synopsis: Heimdal leaks file descriptors
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: lib-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Apr 06 07:55:00 +0000 2014
>Closed-Date: Sun Apr 06 08:28:10 +0000 2014
>Last-Modified: Wed Apr 16 05:50:01 +0000 2014
>Originator: Juergen Hannken-Illjes
>Release: NetBSD 6.1_STABLE
>Organization:
>Environment:
System: NetBSD vpnserv.isf.cs.tu-bs.de 6.1_STABLE NetBSD 6.1_STABLE (gateway.i386) #0: Thu May 30 22:31:51 MEST 2013 build@builder.dd:/build/nbsd6/obj/obj.i386/sys/arch/i386/compile/gateway.i386 i386
Architecture: i386
Machine: i386
>Description:
Use openvpn with pam plugin and pam_krb5 to authorize.
Take Kerberos Realm and Kdc from DNS.
Observe the authorizing proc to keep one file + kevent for every
authorization until it runs out of descriptors.
File is /etc/resolv.conf.
Problem is operation "dns_lookup_int" from heimdal/dist/lib/roken/resolve.c
where every call runs "res_ninit" on fresh state.
>How-To-Repeat:
See above.
>Fix:
Workaround is to specify Realm and Kdc and "dns_fallback=false" in
file /etc/krb5.conf.
Possible fix is either passing a static state to "res_ninit" or
releasing state with "res_ndestroy".
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed
State-Changed-By: hannken@NetBSD.org
State-Changed-When: Sun, 06 Apr 2014 08:28:10 +0000
State-Changed-Why:
Bad email address -- refiled as PR lib/48719.
From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/48718 CVS commit: src/crypto/external/bsd/heimdal/dist/lib/roken
Date: Sun, 6 Apr 2014 10:36:35 -0400
Module Name: src
Committed By: christos
Date: Sun Apr 6 14:36:35 UTC 2014
Modified Files:
src/crypto/external/bsd/heimdal/dist/lib/roken: resolve.c
Log Message:
PR/48718: Juergen Hannken-Illjes: Heimdal leaks file descriptors
Add missing call to free the resolve handle on success.
XXX: pullup 6
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
src/crypto/external/bsd/heimdal/dist/lib/roken/resolve.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "SAITOH Masanobu" <msaitoh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/48718 CVS commit: [netbsd-6] src/crypto/external/bsd/heimdal/dist/lib/roken
Date: Wed, 16 Apr 2014 05:46:00 +0000
Module Name: src
Committed By: msaitoh
Date: Wed Apr 16 05:46:00 UTC 2014
Modified Files:
src/crypto/external/bsd/heimdal/dist/lib/roken [netbsd-6]: resolve.c
Log Message:
Pull up following revision(s) (requested by hannken in ticket #1047):
crypto/external/bsd/heimdal/dist/lib/roken/resolve.c 1.2
PR/48718: Juergen Hannken-Illjes: Heimdal leaks file descriptors
Add missing call to free the resolve handle on success.
XXX: pullup 6
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
src/crypto/external/bsd/heimdal/dist/lib/roken/resolve.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "SAITOH Masanobu" <msaitoh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/48718 CVS commit: [netbsd-6-1] src/crypto/external/bsd/heimdal/dist/lib/roken
Date: Wed, 16 Apr 2014 05:46:51 +0000
Module Name: src
Committed By: msaitoh
Date: Wed Apr 16 05:46:51 UTC 2014
Modified Files:
src/crypto/external/bsd/heimdal/dist/lib/roken [netbsd-6-1]: resolve.c
Log Message:
Pull up following revision(s) (requested by hannken in ticket #1047):
crypto/external/bsd/heimdal/dist/lib/roken/resolve.c 1.2
PR/48718: Juergen Hannken-Illjes: Heimdal leaks file descriptors
Add missing call to free the resolve handle on success.
XXX: pullup 6
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.20.1 \
src/crypto/external/bsd/heimdal/dist/lib/roken/resolve.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "SAITOH Masanobu" <msaitoh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/48718 CVS commit: [netbsd-6-0] src/crypto/external/bsd/heimdal/dist/lib/roken
Date: Wed, 16 Apr 2014 05:47:22 +0000
Module Name: src
Committed By: msaitoh
Date: Wed Apr 16 05:47:22 UTC 2014
Modified Files:
src/crypto/external/bsd/heimdal/dist/lib/roken [netbsd-6-0]: resolve.c
Log Message:
Pull up following revision(s) (requested by hannken in ticket #1047):
crypto/external/bsd/heimdal/dist/lib/roken/resolve.c 1.2
PR/48718: Juergen Hannken-Illjes: Heimdal leaks file descriptors
Add missing call to free the resolve handle on success.
XXX: pullup 6
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.1.1.1.12.1 \
src/crypto/external/bsd/heimdal/dist/lib/roken/resolve.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.