Thread: [Perlgssapi-developer] Warning cropping up...
Brought to you by:
achimgrolms
Menu
▾
▴
perlgssapi-developer
|
From: Merijn B. <me...@il...> - 2006-02-08 16:57:15
|
So this is the diff:
--- distro/xs/Context.xs Wed Feb 8 04:36:26 2006
+++ ../../0.12-1.4/src/distro/xs/Context.xs Fri Jul 1 10:21:34 2005
@@ -12,14 +12,9 @@
GSSAPI::Context_opt context
PREINIT:
OM_uint32 minor;
- OM_uint32 major;
CODE:
if (context != NULL) {
-
- major = gss_delete_sec_context(&minor, &context,
GSS_C_NO_BUFFER);
- if ( major != GSS_S_COMPLETE) {
- warn("failed gss_delete_sec_context() module
Context.xs");
- }
+ gss_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER);
}
That seems entirely reasonable, but guess what? This is what my test
server now does :
SERVER::waiting for request ...
SERVER::accepted connection from client ...
SERVER::received token (length is 459):
SERVER::authenticated client name is me...@is...rgan
SERVER::Have mutual token to send ...
SERVER::GSS token size: 114
SERVER::sent token (length is 114)
failed gss_delete_sec_context() module Context.xs at gss-server.pl line 128.
and my test client too:
CLIENT::gss_init_sec_context success
CLIENT::going to identify client to server
CLIENT::have token to send ...
CLIENT::GSS token length is 459
CLIENT::sent token to server
CLIENT::Mutual auth requested ...
CLIENT::got mutual auth token from server
CLIENT::mutual auth token length is 114
CLIENT::gss_init_sec_context success
CLIENT::confirmed server identity from mutual token
CLIENT::authenticated server name is krbping/xx...@is...rgan
failed gss_delete_sec_context() module Context.xs, <GEN0> line 1.
Mmmmmmmm. I shall be looking through the gssapi docs.
Googling gives me this tasty bit of code :
maj_stat = gss_delete_sec_context(&min_stat, &context, &out_buf);
if (maj_stat != GSS_S_COMPLETE) {
display_status("deleting context", maj_stat, min_stat);
(void) close(s);
(void) gss_delete_sec_context(&min_stat, &context, GSS_C_NO_BUFFER);
return -1;
}
yummy. How very odd...
Other then that it all seems to be working without any issues. That's
something at least. :-)
Cheers,
--
Merijn Broeren | Sometime in the middle ages, God got fed up with us
Software Geek | and put earth at sol.milky-way.univ in his kill-file.
| Pray all you want, it just gets junked.
|
|
From: Merijn B. <me...@il...> - 2006-02-08 17:12:39
|
I changed the code in Context.xs to look like this:
void
DESTROY(context)
GSSAPI::Context_opt context
PREINIT:
OM_uint32 minor;
OM_uint32 major;
CODE:
if (context != NULL) {
major = gss_delete_sec_context(&minor, &context, GSS_C_NO_BUFFER);
if ( major == GSS_S_COMPLETE) {
warn("gss_delete_sec_context() complete in module Context.xs");
}
if ( major == GSS_S_NO_CONTEXT) {
warn("failed gss_delete_sec_context() with invalid context in module Context.xs");
}
if ( major == GSS_S_FAILURE) {
warn("failed gss_delete_sec_context() with unspecified error in module Context.xs");
}
}
so I could figure out what was going on.
turns out that my code looks like this in broad overview:
while (1) {
my $sec_context ;
...
$sec_context->DESTROY;
}
which means the DESTROY is called twice. Once by me explicitly and once
on destruction of the variable.
My server output now looks like this:
SERVER::waiting for request ...
SERVER::accepted connection from client ...
SERVER::received token (length is 459):
SERVER::authenticated client name is me...@is...rgan
SERVER::Have mutual token to send ...
SERVER::GSS token size: 114
SERVER::sent token (length is 114)
gss_delete_sec_context() complete in module Context.xs at gss-server.pl line 159, <GEN3> line 1.
failed gss_delete_sec_context() with invalid context in module Context.xs at gss-server.pl line 159.
So my bad.
But we might want to make this more forgiving, by only warning on
GSS_S_FAILURE, not on GSS_S_NO_CONTEXT. ;-)
Cheers,
--
Merijn Broeren | Sometime in the middle ages, God got fed up with us
Software Geek | and put earth at sol.milky-way.univ in his kill-file.
| Pray all you want, it just gets junked.
|
|
From: Achim G. <per...@gr...> - 2006-02-08 19:33:58
|
On Wednesday 08 February 2006 18:12, Merijn Broeren wrote:
> if ( major == GSS_S_FAILURE) {
> warn("failed gss_delete_sec_context() with unspecified error
> in module Context.xs"); }
Is there a need to put the minor error into the warning?
(Makes the warning more specific, i think)
Achim
|
|
From: Merijn B. <me...@il...> - 2006-02-09 09:29:45
|
Quoting Achim Grolms (per...@gr...):
> On Wednesday 08 February 2006 18:12, Merijn Broeren wrote:
>
> > if ( major == GSS_S_FAILURE) {
> > warn("failed gss_delete_sec_context() with unspecified error
> > in module Context.xs"); }
>
> Is there a need to put the minor error into the warning?
> (Makes the warning more specific, i think)
>
Yes, we should definetely do that...
Cheers,
--
Merijn Broeren | Sometime in the middle ages, God got fed up with us
Software Geek | and put earth at sol.milky-way.univ in his kill-file.
| Pray all you want, it just gets junked.
|
|
From: Achim G. <per...@gr...> - 2006-02-08 20:21:56
|
On Wednesday 08 February 2006 18:12, Merijn Broeren wrote: > But we might want to make this more forgiving, by only warning on > GSS_S_FAILURE, not on GSS_S_NO_CONTEXT. ;-) Is gss_delete_sec_context() able to return GSS_S_FAILURE? <http://rfc.net/rfc2744.html> lists only GSS_S_COMPLETE and GSS_S_NO_CONTEXT? Achim |
|
From: Merijn B. <me...@il...> - 2006-02-09 09:36:39
|
Quoting Achim Grolms (per...@gr...): > On Wednesday 08 February 2006 18:12, Merijn Broeren wrote: > > > But we might want to make this more forgiving, by only warning on > > GSS_S_FAILURE, not on GSS_S_NO_CONTEXT. ;-) > > Is gss_delete_sec_context() able to return GSS_S_FAILURE? > > <http://rfc.net/rfc2744.html> lists only > > GSS_S_COMPLETE and GSS_S_NO_CONTEXT? > rfc2744 is the C bindings. I was looking at this one: http://rfc.net/rfc2743.html#p53 So I say we should warn with the minor error on GSS_S_FAILURE. Cheers, -- Merijn Broeren | Sometime in the middle ages, God got fed up with us Software Geek | and put earth at sol.milky-way.univ in his kill-file. | Pray all you want, it just gets junked. |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X