NetBSD Problem Report #10666

Received: (qmail 20536 invoked from network); 24 Jul 2000 17:23:28 -0000
Message-Id: <200007241722.TAA12151@idle.trapdoor.vip.at>
Date: Mon, 24 Jul 2000 19:22:53 +0200 (CEST)
From: rh@netbsd.org
Reply-To: rh@netbsd.org
To: gnats-bugs@gnats.netbsd.org
Subject: getaddrinfo(3) fails if called with ai_socktype = ai_protocol = 0
X-Send-Pr-Version: 3.95

>Number:         10666
>Category:       lib
>Synopsis:       roken_getaddrinfo_hostspec() uses getaddrinfo in nonstandard way
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jul 24 17:24:00 +0000 2000
>Closed-Date:    
>Last-Modified:  Tue Apr 14 20:46:17 +0000 2009
>Originator:     Rene Hexel
>Release:        1.5_ALPHA 20000719
>Organization:

>Environment:

System: NetBSD ceti.trapdoor.vip.at 1.5_ALPHA NetBSD 1.5_ALPHA (CETI) #1: Wed Jul 19 12:59:17 CEST 2000 rh@ceti.trapdoor.vip.at:/usr/local/src/sys/src/sys/arch/i386/compile/CETI i386


>Description:
	When called with a zero-filled addrinfo hints structure, getaddrinfo(3)
currently fails with EAI_SERVICE despite the manual page claiming that
ai_socktype and ai_protocol may be zero.  This specific problem causes
kpasswd(8) to fail, because roken_getaddrinfo_hostspec() in
basesrc/crypto/dist/heimdal/lib/roken/getaddrinfo_hostspec.c passes
exactly such a structure when called with the default kerberos5 server
name "kerberos.<mydomain>" (without a leading "tcp/", "udp/", etc. prefix).

>How-To-Repeat:
	Set up kerberos, make sure your krb5.conf does *not* contain an
	"admin_server = foo" line.

	Now try changing any password using "kpasswd" and wonder why you
	always get

	kpasswd: krb5_change_password: Bad file descriptor

	After some investigation, discover that EBADF which causes this
	bogus error message has the same numerical value as EAI_SERVICE
	as returned by getaddrinfo(3).

>Fix:
	Make getaddrinfo(3) treat a zero-filled addrinfo hints structure the
	same way as a NULL addrinfo structure.

	Alternatively (if this is not desired), fix
	roken_getaddrinfo_hostspec() to pass a NULL hints structure instead of
	a zero-filled addrinfo if a given host is not prefixed with a matching
	protocol.

	Workaround: until this is fixed, always specify
	"admin_server = protocol/server.domain" in your /etc/krb5.conf
>Release-Note:
>Audit-Trail:

From: joda@pdc.kth.se (Johan Danielsson)
To: rh@netbsd.org
Cc: gnats-bugs@gnats.netbsd.org
Subject: Re: lib/10666: getaddrinfo(3) fails if called with ai_socktype = ai_protocol = 0
Date: 24 Jul 2000 19:40:06 +0200

 rh@netbsd.org writes:

 > When called with a zero-filled addrinfo hints structure,
 > getaddrinfo(3) currently fails with EAI_SERVICE despite the manual
 > page claiming that ai_socktype and ai_protocol may be zero.

 This is a well known bug, but the people that care about this
 interface don't think it's a bug.

 > This specific problem causes kpasswd(8) to fail

 Known problem, will be fixed `soon'. Use the workaround for now.

 /Johan

From: "Dr. Rene Hexel" <rh@vip.at>
To: Johan Danielsson <joda@pdc.kth.se>
Cc: gnats-bugs@gnats.netbsd.org
Subject: Re: lib/10666: getaddrinfo(3) fails if called with ai_socktype = 
 ai_protocol = 0
Date: Mon, 24 Jul 2000 20:57:44 +0200

 Johan Danielsson wrote:

 > rh@netbsd.org writes:
 > 
 > > When called with a zero-filled addrinfo hints structure,
 > > getaddrinfo(3) currently fails with EAI_SERVICE despite the manual
 > > page claiming that ai_socktype and ai_protocol may be zero.
 > 
 > This is a well known bug, but the people that care about this
 > interface don't think it's a bug.

   Okay, that's why I included the alternative (fix libroken to pass a
 NULL hints structure instead of a zero-filled one).  However, in this
 case, I believe that at least the manpage for getaddrinfo(3) should be
 updated to reflect that only either ai_socktype or ai_protocol must be
 non-zero (or whatever the real requirements are).

 > > This specific problem causes kpasswd(8) to fail
 > 
 > Known problem, will be fixed `soon'. Use the workaround for now.

   That's fine with me (now that I know there is one, after a couple of
 hours searching for the cause of the problem ;-)

   Cheers
       ,
    Rene

From: itojun@iijlab.net
To: rh@netbsd.org
Cc: gnats-bugs@gnats.netbsd.org
Subject: Re: lib/10666: getaddrinfo(3) fails if called with ai_socktype = ai_protocol = 0
Date: Tue, 25 Jul 2000 09:06:48 +0900

 >>Synopsis:       getaddrinfo(3) fails if called with ai_socktype = ai_protocol = 0

 	could you give me more information about what you have passed
 	as the argument?  i guess you passed numeric port number (2nd argument).
 	in that case, we are supposed to return error.  this is not a bug.

 itojun

From: "Dr. Rene Hexel" <rh@vip.at>
To: itojun@iijlab.net
Cc: gnats-bugs@gnats.netbsd.org
Subject: Re: lib/10666: getaddrinfo(3) fails if called with ai_socktype = 
 ai_protocol = 0
Date: Tue, 25 Jul 2000 07:12:27 +0200

 itojun@iijlab.net wrote:

 > >>Synopsis:       getaddrinfo(3) fails if called with ai_socktype = ai_protocol = 0
 > 
 >         could you give me more information about what you have passed
 >         as the argument?  i guess you passed numeric port number (2nd argument).
 >         in that case, we are supposed to return error.  this is not a bug.

   This is correct, a numeric port number was indeed passed.  In this
 case, the problem, however, is that not I (personally) called it that
 way, but an in-tree program: kpasswd(8) (via
 libroken/getaddrinfo_hostspec()).  Therefore, this problem should be
 fixed, one way or another.  If getaddrinfo(3) works as expected, then
 getaddrinfo_hostspec() is broken, and the file that should be fixed is
 basesrc/crypto/dist/heimdal/lib/roken/getaddrinfo_hostspec.c (see my
 second "fix" suggestion in the PR).

   Also, I believe that in this case, the manpage for getaddrinfo(3)
 should be updated to make this clear.  At the moment, the relevant part
 reads


                             "In this hints structure all members other
 than
    ai_flags, ai_family, ai_socktype, and ai_protocol must be zero or a
 NULL
    pointer.  A value of PF_UNSPEC for ai_family means the caller will
 accept
    any protocol family.  A value of 0 for ai_socktype means the caller
 will
    accept any socket type.  A value of 0 for ai_protocol means the
 caller
    will accept any protocol."


   Some comment should be added, that this is not valid if a numeric port
 number was passed as second argument.  Otherwise, other people might
 make the same mistake again.

   Cheers
       ,
    Rene

From: itojun@iijlab.net
To: rh@netbsd.org
Cc: gnats-bugs@gnats.netbsd.org
Subject: Re: lib/10666: getaddrinfo(3) fails if called with ai_socktype = ai_protocol = 0
Date: Tue, 25 Jul 2000 14:16:11 +0900

 >  This is correct, a numeric port number was indeed passed.  In this
 >case, the problem, however, is that not I (personally) called it that
 >way, but an in-tree program: kpasswd(8) (via
 >libroken/getaddrinfo_hostspec()).  Therefore, this problem should be
 >fixed, one way or another.  If getaddrinfo(3) works as expected, then
 >getaddrinfo_hostspec() is broken, and the file that should be fixed is
 >basesrc/crypto/dist/heimdal/lib/roken/getaddrinfo_hostspec.c (see my
 >second "fix" suggestion in the PR).

 	i've contacted assar for help.

 >  Also, I believe that in this case, the manpage for getaddrinfo(3)
 >should be updated to make this clear.  At the moment, the relevant part
 >reads

 	based on recent PRs regarding to this, I added some more wording on it.
 	(please look at lib/libc/net/getaddrinfo.3 revision 1.15)
 	please let me know if it is still unclear.

 itojun

From: "Dr. Rene Hexel" <rh@vip.at>
To: itojun@iijlab.net
Cc: gnats-bugs@gnats.netbsd.org
Subject: Re: lib/10666: getaddrinfo(3) fails if called with ai_socktype = 
 ai_protocol = 0
Date: Tue, 25 Jul 2000 07:34:59 +0200

 itojun@iijlab.net wrote:

 >         i've contacted assar for help.

   Thanks!

 >         based on recent PRs regarding to this, I added some more wording on it.
 >         (please look at lib/libc/net/getaddrinfo.3 revision 1.15)
 >         please let me know if it is still unclear.

   Yes, this makes things a lot clearer, thank you.  I believe we also
 should pull this up into the 1.5 tree as this affects both -current and
 1.5.

   Cheers
       ,
    Rene

Responsible-Changed-From-To: lib-bug-people->assar 
Responsible-Changed-By: itojun 
Responsible-Changed-When: Wed Aug 2 07:25:01 PDT 2000 
Responsible-Changed-Why:  

assar will  revisit it after he fixes it in heimdal tree 

Responsible-Changed-From-To: assar->lha 
Responsible-Changed-By: fair 
Responsible-Changed-When: Tue May 25 00:56:44 UTC 2004 
Responsible-Changed-Why:  

Assar has gone inactive, so this goes to our current Kerberos expert. 

Responsible-Changed-From-To: lha->lib-bug-people
Responsible-Changed-By: spz@NetBSD.org
Responsible-Changed-When: Tue, 14 Apr 2009 20:46:17 +0000
Responsible-Changed-Why:
lha is status observer now and thus can't fix this


>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.