Hi,
I'm currently investigating a problem with Squids Kerberos authentication helper using Heimdal 7.5.0 under OpenBSD 6.3. Squid version is 3.2.27 and it's not the official OpenBSD port since it lacks support for Kerberos at all. I see a rapidly increasing memory consumption of the negotiate_kerberos_auth process when processing authentication requests. The helper is talking to a Windows 2016 AD server. Are there any known problems with Heimdal under OpenBSD 6.3? Can you perhaps give me some hints how to debug the problem? The massive leak happened after Heimdal has been updated from version 1.5.3 to 7.4.0 in prior versions of OpenBSD. After updating to OpenBSD 6.3 and Heimdal 7.5.0, the memory leak still exists. Thanks in advance! -- Matthias |
On 09/03/2018 01:49 PM, Harald Barth wrote:
> This might help: http://www.drijf.net/malloc/ > > Harald. Hello Harald, Thanks for this hint but unfortunately that led to a totally broken system :( Any other ideas? Some debugging knobs in Heimdal itself? -- Matthias |
In reply to this post by Silamael
> On Sep 3, 2018, at 7:16 AM, Silamael <[hidden email]> wrote: > > Are there any known problems with Heimdal under OpenBSD 6.3? None known. I'd change the code to exit the main loop after a number of requests (say 100), and run it under valgrind. -- Viktor. |
Hi ! just a quick question - if someone knows straight away - please reply, otherwise I will investigate myself. I have build Heimdal 7.5.0 for Mac and ARM v.7. when I am trying to do final link with the application, I am getting this: Undefined symbols for architecture x86_64: "___heim_string_constant", referenced from: _an2ln_def_plug_an2ln in my_lib.a(libkrb5_la-aname_to_localname.o) "_heim_number_create", referenced from: _an2ln_def_plug_an2ln in my_lib.a(libkrb5_la-aname_to_localname.o) "_heim_data_ref_create", referenced from: _an2ln_def_plug_an2ln in my_lib.a(libkrb5_la-aname_to_localname.o) "_hc_RC4", referenced from: _v2_sign_message in my_lib.a(crypto.o) _v1_sign_message in my_lib.a(crypto.o) __gss_ntlm_verify_mic in my_lib.a(crypto.o) __gss_ntlm_wrap in my_lib.a(crypto.o) _v2_seal_message in my_lib.a(crypto.o) __gss_ntlm_unwrap in my_lib.a(crypto.o) _v2_unseal_message in my_lib.a(crypto.o) ... "_hc_EVP_CIPHER_CTX_block_size", referenced from: __krb5_evp_encrypt_cts in my_lib.a(libkrb5_la-crypto-evp.o) "_hc_EVP_CIPHER_CTX_iv_length", referenced from: __krb5_evp_encrypt in my_lib.a(libkrb5_la-crypto-evp.o) "_hc_DES_ede3_cbc_encrypt", referenced from: and many other similar missing symbols, like "_hc_EVP_BytesToKey", "_hc_EVP_aes_192_cbc", etc. I can see that these symbols are redefines of OpenSSL symbols. but it is not clear for me (at this moment) how it should be linked. I am using these libraries : libasn1.a libcom_err.a libgssapi.a libheimntlm.a libhx509.a libkrb5.a libroken.a libwind.a is there any additional steps I need to do here? regards, Alibek |
ok, replying myself: Heimdal 7.5.0 (as opposed to 1.4) has new libraries: libheimbase, libhcrypto, etc. so they all need to be passed to the linker. Alibek
On Tuesday, 11 September 2018, 13:06:34 GMT+1, Alibek Jorajev <[hidden email]> wrote:
Hi ! just a quick question - if someone knows straight away - please reply, otherwise I will investigate myself. I have build Heimdal 7.5.0 for Mac and ARM v.7. when I am trying to do final link with the application, I am getting this: Undefined symbols for architecture x86_64: "___heim_string_constant", referenced from: _an2ln_def_plug_an2ln in my_lib.a(libkrb5_la-aname_to_localname.o) "_heim_number_create", referenced from: _an2ln_def_plug_an2ln in my_lib.a(libkrb5_la-aname_to_localname.o) "_heim_data_ref_create", referenced from: _an2ln_def_plug_an2ln in my_lib.a(libkrb5_la-aname_to_localname.o) "_hc_RC4", referenced from: _v2_sign_message in my_lib.a(crypto.o) _v1_sign_message in my_lib.a(crypto.o) __gss_ntlm_verify_mic in my_lib.a(crypto.o) __gss_ntlm_wrap in my_lib.a(crypto.o) _v2_seal_message in my_lib.a(crypto.o) __gss_ntlm_unwrap in my_lib.a(crypto.o) _v2_unseal_message in my_lib.a(crypto.o) ... "_hc_EVP_CIPHER_CTX_block_size", referenced from: __krb5_evp_encrypt_cts in my_lib.a(libkrb5_la-crypto-evp.o) "_hc_EVP_CIPHER_CTX_iv_length", referenced from: __krb5_evp_encrypt in my_lib.a(libkrb5_la-crypto-evp.o) "_hc_DES_ede3_cbc_encrypt", referenced from: and many other similar missing symbols, like "_hc_EVP_BytesToKey", "_hc_EVP_aes_192_cbc", etc. I can see that these symbols are redefines of OpenSSL symbols. but it is not clear for me (at this moment) how it should be linked. I am using these libraries : libasn1.a libcom_err.a libgssapi.a libheimntlm.a libhx509.a libkrb5.a libroken.a libwind.a is there any additional steps I need to do here? regards, Alibek |
Free forum by Nabble | Edit this page |