gensec_krb5_start() fails silently with tlocal_addr / tremote_addr is IPv6

Lorenz Schori lo at znerol.ch
Thu Jul 1 20:07:27 UTC 2021


Hi,

The function gensec_krb5_start() returns NT_STATUS_INTERNAL_ERROR when
tlocal_addr / tremote_addr are IPv6. No debug messages are generated in
this case and nothing obvious shows up in strace. The only thing I see in
the logs, even with log level 10, are the following lines:


    Starting GENSEC mechanism krb5
    Failed to start GENSEC server mech krb5: NT_STATUS_INTERNAL_ERROR


As a result things like kpasswd do not work.

Looking through the samba source there are not so many code paths through
gensec_krb5_start() without any DEBUG statements. Thus I believe what
happens is the following (from gensec_krb5.c, see [1]).

		sockaddr_ret = tsocket_address_bsd_sockaddr(
			tlocal_addr, &addr.u.sa, sizeof(addr.u.sa));
		if (sockaddr_ret < 0) {
			talloc_free(gensec_krb5_state);
			return NT_STATUS_INTERNAL_ERROR;
		}

When tlocal_addr is IPv6, then sockaddr_ret will return an error.
Looking at other examples of tsocket_address_bsd_sockaddr it seems that
most of them use sizeof(struct sockaddr_storage) for the last param
except the one call shown above.

I suspect that this might be the problem. Consider the following test
program:

$ cat <<EOF > /tmp/test.c
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

#define sockaddr_storage sockaddr_in6
struct samba_sockaddr {
	socklen_t sa_socklen;
	union {
		struct sockaddr sa;
		struct sockaddr_in in;
		struct sockaddr_in6 in6;
		struct sockaddr_un un;
		struct sockaddr_storage ss;
	} u;
};

int main(void) {
	struct samba_sockaddr addr;
	/* sizeof yields size_t, so print it with %zu rather than %ld */
	printf("sizeof(addr.u.sa): %zu\n", sizeof(addr.u.sa));
	printf("sizeof(struct sockaddr_storage): %zu\n",
		sizeof(struct sockaddr_storage));
	return 0;
}

EOF

On my machine, this produces the following output:

./a.out 
sizeof(addr.u.sa): 16
sizeof(struct sockaddr_storage): 28

Cheers,
Lorenz

[1] gensec_krb5.c:
<https://github.com/samba-team/samba/blob/b3ee034b4d457607ef25a5b01da64e1eaf5906dd/source4/auth/gensec/gensec_krb5.c#L152-L157>
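
The size check suspected above, as an added example that is not part of the original post and is not Samba's code: copy_sockaddr() is a hypothetical stand-in that assumes the callee rejects a destination buffer smaller than the stored address. It shows an IPv4 address fitting into sizeof(struct sockaddr) while an IPv6 address is refused unless the caller passes sizeof(struct sockaddr_storage).

```c
/* Added illustration, not Samba code; copy_sockaddr() is a hypothetical stand-in. */
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Assumed callee behaviour: refuse a destination smaller than the address. */
static int copy_sockaddr(const struct sockaddr_storage *src, socklen_t src_len,
                         struct sockaddr *dst, size_t dst_len)
{
    if (dst_len < (size_t)src_len) {
        errno = EINVAL;
        return -1;
    }
    memcpy(dst, src, src_len);
    return (int)src_len;
}

/* Fill out with a constructed wildcard address; return its real length. */
static socklen_t make_wildcard(int family, struct sockaddr_storage *out)
{
    memset(out, 0, sizeof(*out));
    if (family == AF_INET6) {
        struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)out;
        in6->sin6_family = AF_INET6;
        in6->sin6_addr = in6addr_any;
        return sizeof(*in6);
    }
    struct sockaddr_in *in = (struct sockaddr_in *)out;
    in->sin_family = AF_INET;
    in->sin_addr.s_addr = INADDR_ANY;
    return sizeof(*in);
}

/* Copy into a buffer sized as struct sockaddr (0) or sockaddr_storage (1). */
static int try_copy(int family, int use_storage_size)
{
    struct sockaddr_storage src, dst;
    socklen_t len = make_wildcard(family, &src);
    size_t dst_len = use_storage_size ? sizeof(dst) : sizeof(struct sockaddr);
    return copy_sockaddr(&src, len, (struct sockaddr *)&dst, dst_len);
}

int main(void)
{
    printf("IPv4/sockaddr: %d, IPv6/sockaddr: %d, IPv6/storage: %d\n",
           try_copy(AF_INET, 0), try_copy(AF_INET6, 0), try_copy(AF_INET6, 1));
    return 0;
}
```

A return of -1 here leaves errno set to EINVAL, which a caller can log before mapping the failure to a generic status code.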


