NetBSD Problem Report #48718

From hannken@mini.local  Sun Apr  6 07:50:52 2014
Return-Path: <hannken@mini.local>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	(using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 6CDE7A5806
	for <gnats-bugs@gnats.NetBSD.org>; Sun,  6 Apr 2014 07:50:52 +0000 (UTC)
Message-Id: <20140406075049.277312D14A9@mini.local>
Date: Sun,  6 Apr 2014 09:50:48 +0200 (CEST)
From: hannken@mini.local (J. Hannken-Illjes)
To: gnats-bugs@gnats.NetBSD.org
Subject: Heimdal leaks file descriptors

>Number:         48718
>Category:       lib
>Synopsis:       Heimdal leaks file descriptors
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    lib-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Apr 06 07:55:00 +0000 2014
>Closed-Date:    Sun Apr 06 08:28:10 +0000 2014
>Last-Modified:  Wed Apr 16 05:50:01 +0000 2014
>Originator:     Juergen Hannken-Illjes
>Release:        NetBSD 6.1_STABLE
>Organization:
>Environment:
System: NetBSD vpnserv.isf.cs.tu-bs.de 6.1_STABLE NetBSD 6.1_STABLE (gateway.i386) #0: Thu May 30 22:31:51 MEST 2013  build@builder.dd:/build/nbsd6/obj/obj.i386/sys/arch/i386/compile/gateway.i386 i386
Architecture: i386
Machine: i386
>Description:
Use openvpn with pam plugin and pam_krb5 to authorize.
Take Kerberos Realm and Kdc from DNS.
Observe the authorizing proc to keep one file + kevent for every
authorization until it runs out of descriptors.
File is /etc/resolv.conf.

Problem is operation "dns_lookup_int" from heimdal/dist/lib/roken/resolve.c
where every call runs "res_ninit" on fresh state.
>How-To-Repeat:
See above.
>Fix:
Workaround is to specify Realm and Kdc and "dns_fallback=false" in
file /etc/krb5.conf.

Possible fix is either passing a static state to "res_ninit" or
releasing state with "res_ndestroy".

>Release-Note:

>Audit-Trail:

State-Changed-From-To: open->closed
State-Changed-By: hannken@NetBSD.org
State-Changed-When: Sun, 06 Apr 2014 08:28:10 +0000
State-Changed-Why:
Bad email address -- refiled as PR lib/48719.


From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/48718 CVS commit: src/crypto/external/bsd/heimdal/dist/lib/roken
Date: Sun, 6 Apr 2014 10:36:35 -0400

 Module Name:	src
 Committed By:	christos
 Date:		Sun Apr  6 14:36:35 UTC 2014

 Modified Files:
 	src/crypto/external/bsd/heimdal/dist/lib/roken: resolve.c

 Log Message:
 PR/48718: Juergen Hannken-Illjes: Heimdal leaks file descriptors
 Add missing call to free the resolve handle on success.
 XXX: pullup 6


 To generate a diff of this commit:
 cvs rdiff -u -r1.1.1.1 -r1.2 \
     src/crypto/external/bsd/heimdal/dist/lib/roken/resolve.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "SAITOH Masanobu" <msaitoh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/48718 CVS commit: [netbsd-6] src/crypto/external/bsd/heimdal/dist/lib/roken
Date: Wed, 16 Apr 2014 05:46:00 +0000

 Module Name:	src
 Committed By:	msaitoh
 Date:		Wed Apr 16 05:46:00 UTC 2014

 Modified Files:
 	src/crypto/external/bsd/heimdal/dist/lib/roken [netbsd-6]: resolve.c

 Log Message:
 Pull up following revision(s) (requested by hannken in ticket #1047):
 	crypto/external/bsd/heimdal/dist/lib/roken/resolve.c	1.2

 PR/48718: Juergen Hannken-Illjes: Heimdal leaks file descriptors
 Add missing call to free the resolve handle on success.
 XXX: pullup 6


 To generate a diff of this commit:
 cvs rdiff -u -r1.1.1.1 -r1.1.1.1.6.1 \
     src/crypto/external/bsd/heimdal/dist/lib/roken/resolve.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "SAITOH Masanobu" <msaitoh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/48718 CVS commit: [netbsd-6-1] src/crypto/external/bsd/heimdal/dist/lib/roken
Date: Wed, 16 Apr 2014 05:46:51 +0000

 Module Name:	src
 Committed By:	msaitoh
 Date:		Wed Apr 16 05:46:51 UTC 2014

 Modified Files:
 	src/crypto/external/bsd/heimdal/dist/lib/roken [netbsd-6-1]: resolve.c

 Log Message:
 Pull up following revision(s) (requested by hannken in ticket #1047):
 	crypto/external/bsd/heimdal/dist/lib/roken/resolve.c	1.2

 PR/48718: Juergen Hannken-Illjes: Heimdal leaks file descriptors
 Add missing call to free the resolve handle on success.
 XXX: pullup 6


 To generate a diff of this commit:
 cvs rdiff -u -r1.1.1.1 -r1.1.1.1.20.1 \
     src/crypto/external/bsd/heimdal/dist/lib/roken/resolve.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "SAITOH Masanobu" <msaitoh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/48718 CVS commit: [netbsd-6-0] src/crypto/external/bsd/heimdal/dist/lib/roken
Date: Wed, 16 Apr 2014 05:47:22 +0000

 Module Name:	src
 Committed By:	msaitoh
 Date:		Wed Apr 16 05:47:22 UTC 2014

 Modified Files:
 	src/crypto/external/bsd/heimdal/dist/lib/roken [netbsd-6-0]: resolve.c

 Log Message:
 Pull up following revision(s) (requested by hannken in ticket #1047):
 	crypto/external/bsd/heimdal/dist/lib/roken/resolve.c	1.2

 PR/48718: Juergen Hannken-Illjes: Heimdal leaks file descriptors
 Add missing call to free the resolve handle on success.
 XXX: pullup 6


 To generate a diff of this commit:
 cvs rdiff -u -r1.1.1.1 -r1.1.1.1.12.1 \
     src/crypto/external/bsd/heimdal/dist/lib/roken/resolve.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.