The functionality added in changeset 818a638fa9a3 has a bug for x86_64 on line
103. The src/auth/mech-gssapi.c file must now include stdlib.h to have the
declaration for getenv(). Otherwise, the compiler uses the implicit return type
(int), which truncates the 8-byte pointer getenv() returns to a 4-byte value.
This causes a segfault on subsequent reads. Here is debugger output
illustrating the problem:

(gdb) list 106
101             const char *path;
102     
103             path = getenv("KRB5_KTNAME");
104             if (path != NULL) {
105     #ifdef HAVE_GSSKRB5_REGISTER_ACCEPTOR_IDENTITY
106                     gsskrb5_register_acceptor_identity(path);
107     #elif defined (HAVE_KRB5_GSS_REGISTER_ACCEPTOR_IDENTITY)
108                     krb5_gss_register_acceptor_identity(path);
109     #endif
110             }
(gdb) p/x getenv("KRB5_KTNAME")
$32 = 0xb0d7aef7
(gdb) x/s 0xb0d7aef7
0xb0d7aef7:      <Address 0xb0d7aef7 out of bounds>
(gdb) x/s 0x7fffb0d7aef7
0x7fffb0d7aef7:  "/etc/dovecot/dovecot.keytab"

A Mercurial bundle with a fix is attached, and here is the trivial patch to
put in the needed #include:

diff -r 43e55b9af85b src/auth/mech-gssapi.c
--- a/src/auth/mech-gssapi.c    Mon Sep 01 15:02:49 2008 +0300
+++ b/src/auth/mech-gssapi.c    Wed Sep 03 11:37:33 2008 -0400
@@ -22,6 +22,8 @@
 #include "safe-memset.h"
 
 #ifdef HAVE_GSSAPI
+
+#include <stdlib.h>
 
 #ifndef HAVE___GSS_USEROK
 #  define USE_KRB5_USEROK
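
Review bot: the added #include <stdlib.h> sits below `#ifdef HAVE_GSSAPI` and after the project headers, so the getenv() prototype is only visible when GSSAPI is enabled. That is enough only as long as every getenv() call in this file stays inside the same guard. Consider moving the include above the #ifdef, next to the other includes, so the declaration is unconditional, and dropping the extra blank line added directly after the #ifdef.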


-- 
UNIX was not designed to stop you from doing stupid things, because that
would also stop you from doing clever things.
                -- Doug Gwyn

Attachment: stdlib.bundle
Description: stdlib.bundle

Attachment: pgpKf5ZmOLS0u.pgp
Description: PGP signature
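
An added example, not part of the original message or of Dovecot's code: it models what the missing prototype does to the pointer seen in the gdb session above. The helper names and the low address are constructed for illustration; sign extension on the int-to-pointer conversion is GCC's documented behaviour and is assumed here.

```c
#include <stdint.h>
#include <stdio.h>

/* Value left in the 32-bit int that the compiler assumes an undeclared
 * function returns: only the low half of the real 64-bit pointer. */
static uint32_t implicit_int_result(uint64_t real_ptr)
{
    return (uint32_t)(real_ptr & 0xffffffffu);
}

/* Address the caller ends up with when that int is assigned to a
 * pointer on x86_64 (assumption: the int is sign-extended, as GCC does). */
static uint64_t pointer_seen_by_caller(uint64_t real_ptr)
{
    uint32_t low = implicit_int_result(real_ptr);
    uint64_t high = (low & 0x80000000u) ? 0xffffffff00000000ull : 0;
    return high | low;
}

/* True only when the round trip through int loses nothing. */
static int survives_implicit_int(uint64_t real_ptr)
{
    return pointer_seen_by_caller(real_ptr) == real_ptr;
}

int main(void)
{
    /* First address is the one from the gdb session; second is constructed. */
    const uint64_t samples[] = { 0x7fffb0d7aef7ull, 0x00601040ull };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint64_t p = samples[i];
        printf("real 0x%llx -> int 0x%x -> pointer 0x%llx (%s)\n",
               (unsigned long long)p,
               (unsigned)implicit_int_result(p),
               (unsigned long long)pointer_seen_by_caller(p),
               survives_implicit_int(p) ? "intact" : "corrupted");
    }
    return 0;
}
```

Building with -Werror=implicit-function-declaration turns the missing prototype into a compile error instead of a runtime crash.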
