A perl program crashes in libkrb5.so.3.3 library when calling credential cache functions using the Authen::Krb5 module
Issue
- A perl program crashes in libkrb5.so.3.3 library when calling credential cache functions using the Authen::Krb5 module
- The program:
#!/usr/bin/perl
#
#
use Authen::Krb5;sub get_tgt_keytab
{
my ($client, $server, @a, $ccname, $keytab, $err);
undef $retval;my $context = Authen::Krb5::init_context();
Authen::Krb5::init_ets();# Our admin user
$client = Authen::Krb5::parse_name('testprinc');
if ( ! $client ) {
$retval = "ERROR: Unable to parse principal name!";
goto CLEANUP;
}#/* if */## We're getting just a TGT service ticket
#$server = Authen::Krb5::parse_name('krbtgt/FOOBAR.TEST');
#if ( ! $server ) {
# $retval = "ERROR: Unable to parse TGT name!";
# goto CLEANUP;
#}#/* if */my $cache_name;
# Setup the credentials cache
do {
@a = (0 .. 9, 'a' .. 'z', 'A' .. 'Z');
$ccname = join '', map { $a[int rand @a] } 0 .. 7;
$cache_name = "/tmp/reghost_$ccname";
} until (! -e $cache_name );# Set KRB5CCNAME environment
$ENV{KRB5CCNAME} = $cache_name;$cc = Authen::Krb5::cc_resolve($cache_name);
if ( ! $cc ) {
$retval="ERROR: Unable to resolve cache!";
goto CLEANUP;
}#/* if */$cc->initialize($client);
# Set KRB5CCNAME environment
$ENV{KRB5CCNAME} = $cc->get_name();# What keytab we're using - use the cron keytab by default...
$keytab = Authen::Krb5::kt_resolve('FILE:/etc/cron.keytab');if ( ! $keytab ) {
$retval = "ERROR: Unable to resolve keytab!";
goto CLEANUP;
}#/* if */# Get our TGT and store it in our credentials cache...
my $creds = Authen::Krb5::get_init_creds_keytab($client,$keytab);
if (defined($creds)) {
if ($cc) {
$cc->store_cred($creds);
}#/* if */
} else {
$retval = "ERROR: Unable to get TGT from keytab!";
goto CLEANUP;
}#/* if-else */CLEANUP:
if ($context) {
Authen::Krb5::free_context();
}# /* if */
if (! defined($retval) ){
return($cc);
} else {
if ($cc) {
$cc->destroy;
}# /* if */
return($retval);
}#/* if-else */
}for ($count = 0; $count <= 100000; $count++) {
print "$count\n";
my $cc = get_tgt_keytab();
if (($cc) && $cc =~ /ERROR/) {
print $cc;
} elsif ($cc) {
$cc->destroy;
}# /* if-else */
}# /* for */
Environment
- Red Hat Enterprise Linux 5
- perl
- krb5-libs
- Authen::perl module obtained using 'cpan install'
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
