GNU gdb Red Hat Linux (6.1post-1.20040607.62rh) Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library "/lib/tls/libthread_db.so.1". Core was generated by `/usr/sbin/ss5 -s -t -u root'. Program terminated with signal 11, Segmentation fault. warning: svr4_current_sos: Can't read pathname for load map: Input/output error Reading symbols from /lib/tls/libpthread.so.0...done. Loaded symbols for /lib/tls/libpthread.so.0 Reading symbols from /lib/libdl.so.2...done. Loaded symbols for /lib/libdl.so.2 Reading symbols from /usr/lib/libldap-2.2.so.7...done. Loaded symbols for /usr/lib/libldap-2.2.so.7 Reading symbols from /lib/libpam.so.0...done. Loaded symbols for /lib/libpam.so.0 Reading symbols from /lib/libpam_misc.so.0...done. Loaded symbols for /lib/libpam_misc.so.0 Reading symbols from /lib/tls/libc.so.6...done. Loaded symbols for /lib/tls/libc.so.6 Reading symbols from /usr/lib/liblber-2.2.so.7...done. Loaded symbols for /usr/lib/liblber-2.2.so.7 Reading symbols from /lib/libresolv.so.2...done. Loaded symbols for /lib/libresolv.so.2 Reading symbols from /usr/lib/libsasl2.so.2...done. Loaded symbols for /usr/lib/libsasl2.so.2 Reading symbols from /lib/libssl.so.4...done. Loaded symbols for /lib/libssl.so.4 Reading symbols from /lib/libcrypto.so.4...done. Loaded symbols for /lib/libcrypto.so.4 Reading symbols from /lib/libcrypt.so.1...done. Loaded symbols for /lib/libcrypt.so.1 Reading symbols from /usr/lib/libgssapi_krb5.so.2...done. Loaded symbols for /usr/lib/libgssapi_krb5.so.2 Reading symbols from /usr/lib/libkrb5.so.3...done. Loaded symbols for /usr/lib/libkrb5.so.3 Reading symbols from /lib/libcom_err.so.2...done. Loaded symbols for /lib/libcom_err.so.2 Reading symbols from /usr/lib/libk5crypto.so.3...done. Loaded symbols for /usr/lib/libk5crypto.so.3 Reading symbols from /usr/lib/libz.so.1...done. Loaded symbols for /usr/lib/libz.so.1 Reading symbols from /usr/lib/ss5/mod_socks4.so...done. Loaded symbols for /usr/lib/ss5/mod_socks4.so Reading symbols from /usr/lib/ss5/mod_socks5.so...done. Loaded symbols for /usr/lib/ss5/mod_socks5.so Reading symbols from /usr/lib/ss5/mod_authentication.so...done. Loaded symbols for /usr/lib/ss5/mod_authentication.so Reading symbols from /usr/lib/ss5/mod_authorization.so...done. Loaded symbols for /usr/lib/ss5/mod_authorization.so Reading symbols from /usr/lib/ss5/mod_proxy.so...done. Loaded symbols for /usr/lib/ss5/mod_proxy.so Reading symbols from /usr/lib/ss5/mod_balance.so...done. Loaded symbols for /usr/lib/ss5/mod_balance.so Reading symbols from /usr/lib/ss5/mod_log.so...done. Loaded symbols for /usr/lib/ss5/mod_log.so Reading symbols from /usr/lib/ss5/mod_filter.so...done. Loaded symbols for /usr/lib/ss5/mod_filter.so Reading symbols from /usr/lib/ss5/mod_statistics.so...done. Loaded symbols for /usr/lib/ss5/mod_statistics.so Reading symbols from /usr/lib/ss5/mod_bandwidth.so...done. Loaded symbols for /usr/lib/ss5/mod_bandwidth.so Reading symbols from /usr/lib/ss5/mod_dump.so...done. Loaded symbols for /usr/lib/ss5/mod_dump.so Reading symbols from /lib/libnss_files.so.2...done. Loaded symbols for /lib/libnss_files.so.2 Reading symbols from /lib/libgcc_s.so.1...done. Loaded symbols for /lib/libgcc_s.so.1 Reading symbols from /lib/security/pam_winbind.so...Reading symbols from /usr/lib/debug/lib/security/pam_winbind.so.debug...done. done. Loaded symbols for /lib/security/pam_winbind.so Reading symbols from /lib/security/pam_deny.so...done. Loaded symbols for /lib/security/../../lib/security/pam_deny.so #0 0x00f9196a in read_sock (buffer=0xb7d136d0, count=1300) at nsswitch/wb_common.c:423 423 FD_SET(winbindd_fd, &r_fds); (gdb) (gdb) (gdb) bt #0 0x00f9196a in read_sock (buffer=0xb7d136d0, count=1300) at nsswitch/wb_common.c:423 #1 0x00f91a92 in read_reply (response=0xb7d136d0) at nsswitch/wb_common.c:481 #2 0x00f91b29 in winbindd_get_response (response=0xb7d136d0) at nsswitch/wb_common.c:572 #3 0x00f91bbc in winbindd_request_response (req_type=0, request=0xb7d13bf0, response=0xb7d136d0) at nsswitch/wb_common.c:602 #4 0x00f91dde in write_sock (buffer=0xb7d15500, count=1836, recursing=0) at nsswitch/wb_common.c:317 #5 0x00f9036d in pam_winbind_request_log (req_type=WINBINDD_PAM_AUTH, request=0xb7d15500, response=0xb7d14fe0, ctrl=1, user=0x8b7e588 "ee06765") at nsswitch/pam_winbind.c:114 #6 0x00f9069a in winbind_auth_request (user=0x8b7e588 "xx43210", pass=0x8b76a28 "abcdefg01", member=0x0, ctrl=1) at nsswitch/pam_winbind.c:246 #7 0x00f90bf8 in pam_sm_authenticate (pamh=0x8b92840, flags=0, argc=1, argv=0x8b7d668) at nsswitch/pam_winbind.c:516 #8 0x00204a7a in _pam_dispatch () from /lib/libpam.so.0 #9 0x0020666b in pam_authenticate () from /lib/libpam.so.0 #10 0x0011337e in S5PamCheck (ai=0xb7d18370) at SS5Pam.c:97 #11 0x00112da3 in Authentication (mi=0xb7d183f0, ci=0xb7d18340, bd=0xb7d18210, ai=0xb7d18370) at SS5Mod_authentication.c:123 #12 0x0804bbff in S5Core (clientSocket=87) at SS5Core.c:225 #13 0x00bac341 in start_thread () from /lib/tls/libpthread.so.0 ---Type <return> to continue, or q <return> to quit--- #14 0x00b05fee in clone () from /lib/tls/libc.so.6 (gdb)
Sorry, I made a mistake with my keyboard ! Following the bug description: I'm using pam_winbind to authenticate socks clients with SS5 3.5.4-1 socks server on Linux platform (RH AS4.0). Sometime, SS5 socks server crash (only in threaded mode) during authentication, and back trace on core file shows a SEGFault on read_sock call into wb_common.c source file. It seams FD_SET call, is done with a file descriptor of -1. I found a similar bug on client.c fixed with a check (if ... == -1 return) on fd variable. Tell me if you need more informations. Thank you.
Created attachment 1827 [details] Proposed patch Try this patch please. Jeremy.
Patch didn't resolve the problem. I think it is about a thread safe problem. Do you think pam_winbind is thread safe?
Interesting - no I'm not sure pam_winbind is thread safe. I'll look at this later on - we need to stabilize things before release first. Jeremy.
Ok. I put a mutex into source code concerning pam authentication. I'm going to test it. Bye
Thread safety for pam_winbind comes later.