Re: saslauthd/PAM


Subject: Re: saslauthd/PAM
From: Jeremy Rumpf (jrumpf at heavyload dot net)
Date: Sat May 24 2003 - 16:47:43 EDT


On Saturday 24 May 2003 01:53 pm, Sean wrote:
> This might be related to the unix sockets issue or it maybe something else
> unrelated If you need/want more information. Please let me know what I can
> do. (This also may have been sent 2x and if it was I apologize.)
>
> saslauthd is crashing when trying to use the sample client/server set-up
> to test out PAM. RH 9.0/SASL 2.1.13
>
> It works if I use the PAM unix modules to auth against, but when I use the
> pam_afs (openafs) modules, it fails to auth me and it is crashing
> saslauthd, seemingly randomly. It does not do this every time and the only
> thing I am changing is the pam.d/sample file to see if it is a
> configuration problem with the PAM modules themselves. I believe this
> crashed with both the pam_unix and the pam_afs modules although for sure
> it has with the latter.
>
> If you look at ths following log snippet where it crashed, you will notice
> i typo'd sufficient for the PAM entry for password. =) I don't think that
> is it but it might be related there are other places in the logs where you
> get that error and it doesnt crash saslauthd.
>
> If you look at it just after that you see:
> May 23 20:04:19 test-afs-1 sasl-sample-server: size read failed
> just before it crashed and this DOESNT happen every time you see the PAM
> misentry error occur. But you see the "size read failed" everytime before
> saslauthd crashes.
>
> May 23 20:02:43 test-afs-1 saslauthd[12921]: do_auth : auth
> failure: [user=omalleys] [service=sample] [realm=] [mech=pam]
> May 23 20:02:43 test-afs-1 sasl-sample-server: Password verification
> failed
> May 23 20:04:19 test-afs-1 saslauthd[12917]: PAM pam_parse: expecting
> return value; [...sufficent]
> May 23 20:04:19 test-afs-1 pam_afs[12958]: server_exit : master
> exited: 12917
> May 23 20:04:19 test-afs-1 pam_afs[12917]: server_exit : master
> exited: 12917
> May 23 20:04:19 test-afs-1 sasl-sample-server: size read failed
> May 23 20:04:19 test-afs-1 sasl-sample-server: Password verification
> failed
> May 23 20:04:55 test-afs-1 sasl-sample-server: cannot connect to saslauthd
> server: No such file or directory

Just built and tested saslauthd on RH9.0 using pam_unix (pam-0.75-32). Started
saslauthd (saslauthd -a pam -d -n 10). Used testsaslauthd (./testsaslauthd
-u jrumpf -p xxxxx -s login).

saslauthd[27730] :rel_accept_lock : released accept lock
saslauthd[27731] :get_accept_lock : acquired accept lock
saslauthd[27730] :do_auth : auth success: [user=jrumpf]
[service=login] [realm=] [mech=pam]
saslauthd[27730] :do_request : response: OK

was the response. Then I fired off 5 of them banging away at saslauthd (20000
logins a peice) with the cache disabled. Saslauthd survived the attack. Did
the same with half using a correct password, the other half using a bad
password. Saslauthd survived as well.

Perhaps it could be some interaction with pam_afs?

Just throwing in some prelim testing...

Cheers,
Jeremy







Hosted Email Solutions

Invaluement Anti-Spam DNSBLs



Powered By FreeBSD   Powered By FreeBSD