Mailing List Archive

[Bug 3307] New: Segfault or ( malloc_consolidate(): invalid chunk size + Aborted) with GSSAPITrustDns yes
https://bugzilla.mindrot.org/show_bug.cgi?id=3307

Bug ID: 3307
Summary: Segfault or ( malloc_consolidate(): invalid chunk size + Aborted) with GSSAPITrustDns yes
Product: Portable OpenSSH
Version: 8.3p1
Hardware: Other
OS: Linux
Status: NEW
Severity: major
Priority: P5
Component: Kerberos support
Assignee: unassigned-bugs@mindrot.org
Reporter: calestyo@scientia.net

Hey there.

I've noted the two errors, with the following setup:

Locally, I have:
OpenSSH_8.4p1 Debian-5, OpenSSL 1.1.1k 25 Mar 2021

from which I connect to some internal node at CERN
(hammercloud-ai-11.cern.ch) via some publicly available node
(lxplus.cern.ch) which all have:
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017

The lxplus.cern.ch is actually a round robin DNS name, but all nodes
behind have the same ssh server key.


Since CERN uses AFS, I have to do GSSAPI auth.
Locally I have a keytab file created with ktutil, which even works out
of the box with SSH - that is, if I don't have a krb ticket yet, it
automatically creates one.


My SSH config looks like the following:
Host hammercloud-ai-11.cern.ch
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials yes
    GSSAPIRenewalForcesRekey yes
    GSSAPITrustDns yes
    ProxyJump lxplus.cern.ch


Host lxplus.cern.ch
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials yes
    GSSAPIRenewalForcesRekey yes
    GSSAPITrustDns yes
    # ControlMaster auto
    # ControlPersist 10s
    # ControlPath ~/.ssh/channel-mux/%r@%h:%p

Host *.cern.ch
    User someUser
    IdentityFile ~/.ssh/id_ed25519
    SetEnv "LANG=en_US.UTF-8"


Further, I do have a custom locale which is basically en_US.UTF-8, but
with some international stuff like "," as decimal separator.

Now that works to login to lxplus, and from there (within an
interactive session) to hammercloud-ai-11.

When I use the ProxyJump however and directly go to hammercloud-ai-11,
I start to see errors.


1) with LANG=en_DE.UTF-8 it segfaults:
$ ssh hammercloud-ai-11.cern.ch -v
...
Authenticated to hammercloud-ai-11.cern.ch (via proxy).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: proc
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = en_DE.UTF-8
Segmentation fault
$ debug1: stdio forwarding: done

Interestingly it seems to still try to send "my" locale instead of what
I've configured above with:
SetEnv "LANG=en_US.UTF-8"



2) the same with LANG=C
$ export LANG=C
$ ssh hammercloud-ai-11.cern.ch -v
...
Authenticated to hammercloud-ai-11.cern.ch (via proxy).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: proc
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = C
malloc_consolidate(): invalid chunk size
Aborted
$ debug1: stdio forwarding: done


Whether or not I use a Control Channel doesn't seem to matter.


When I comment out the
Host hammercloud-ai-11.cern.ch
    ...
    # GSSAPITrustDns yes


It works in both cases.

Commenting out the same for lxplus (the proxy node) doesn't solve the
issue.


Any ideas?

Cheers,
Chris.
