From owner-freebsd-security@FreeBSD.ORG  Sat Jan 29 02:59:54 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 85B5D16A4CE; Sat, 29 Jan 2005 02:59:54 +0000 (GMT)
Received: from harik.murex.com (mail.murex.com [194.98.239.11])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id BCFDF43D31; Sat, 29 Jan 2005 02:59:53 +0000 (GMT)
	(envelope-from mi+mx@aldan.algebra.com)
Received: from interscan.fr.murex.com (iscan.murex.fr [172.21.17.207] (may be
	forged))	by harik.murex.com with ESMTP id j0T2oRgu027748;
	Sat, 29 Jan 2005 03:50:27 +0100 (CET)
Received: from mxmail.murex.com (interscan.murex.fr [127.0.0.1])
	by interscan.fr.murex.com (8.11.6/8.11.6) with ESMTP id j0T32X800758;
	Sat, 29 Jan 2005 04:02:37 +0100
Received: from mteterin.us.murex.com ([172.21.130.86]) by mxmail.murex.com
	with Microsoft SMTPSVC(6.0.3790.0);	 Sat, 29 Jan 2005 03:59:21 +0100
From: Mikhail Teterin <mi+mx@aldan.algebra.com>
Organization: Virtual Estates, Inc.
To: questions@FreeBSD.org
Date: Fri, 28 Jan 2005 21:59:21 -0500
User-Agent: KMail/1.7.2
MIME-Version: 1.0
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200501282159.21711.mi+mx@aldan.algebra.com>
X-OriginalArrivalTime: 29 Jan 2005 02:59:22.0166 (UTC)
	FILETIME=[8873B560:01C505AE]
X-Mailman-Approved-At: Sat, 29 Jan 2005 13:08:55 +0000
cc: freebsd-security@FreeBSD.org
Subject: Cyrus IMAP crashes after reading /etc/krb5.conf
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Jan 2005 02:59:54 -0000

Hello!

I'm trying to configure a freshly built mail/cyrus-imapd22 to work and 
authenticate accounts -- Kerberos and plain text.

The GSSAPI authentication works already. After doing kinit, I can do ``imtest 
-m GSSAPI hostname'' and it succeeds.

Now I'm trying to login with plain text (over SSL). Cyrus' imapd keeps 
crashing from SIGBUS. According to ktrace, this happens right after reading 
the krb5.conf (I replaced our domain with "example" below):

 29641 imapd    CALL  open(0x8167e80,0,0x1b6)
 29641 imapd    NAMI  "/etc/krb5.conf"
 29641 imapd    RET   open 12/0xc
 29641 imapd    CALL  fstat(0xc,0xbfbfbb40)
 29641 imapd    RET   fstat 0
 29641 imapd    CALL  read(0xc,0x8172000,0x4000)
 29641 imapd    GIO   fd 12 read 370 bytes
       "# This is from http://barney.gonzaga.edu/~awithers/integration/
        
        [libdefaults]
        default_realm = US.EXAMPLE.COM
        #dns_lookup_realm = true
        #dns_lookup_kdc = true
        default_tkt_enctypes = des-cbc-md5
        default_tgs_enctypes = des-cbc-md5
        
        [realms]
        US.MUREX.COM = {
                kdc = blake.us.example.com:88
                kpasswd_server = blake.us.example.com:464
        }
        
        [domain_realm]
        .us.example.com = US.EXAMPLE.COM
       "
 29641 imapd    RET   read 370/0x172
 29641 imapd    CALL  read(0xc,0x8172000,0x4000)
 29641 imapd    GIO   fd 12 read 0 bytes
       ""
 29641 imapd    RET   read 0
 29641 imapd    CALL  close(0xc)
 29641 imapd    RET   close 0
 29641 imapd    CALL  issetugid
 29641 imapd    RET   issetugid 0
 29641 imapd    CALL  __sysctl(0xbfbfa6c8,0x2,0xbfbfa6c0,0xbfbfa6c4,0,0)
 29641 imapd    RET   __sysctl 0
 29641 imapd    PSIG  SIGSEGV SIG_DFL
 29641 imapd    NAMI  "imapd.core"

Is there anything obviously wrong with the file itself? Why else would Cyrus 
crash right after reading it? Note, that Blake is a Windows 2000 server...

Another change I did was modifying the /etc/pam.d/system to make both unix and 
krb5 sufficient:

--- /usr/src/etc/pam.d/system   Sat Jun 14 08:35:05 2003
+++ /etc/pam.d/system   Fri Jan 28 20:29:06 2005
@@ -9,5 +9,5 @@
 auth           requisite       pam_opieaccess.so       no_warn allow_local
-#auth          sufficient      pam_krb5.so             no_warn try_first_pass
+auth           sufficient      pam_krb5.so             no_warn try_first_pass
 #auth          sufficient      pam_ssh.so              no_warn try_first_pass
-auth           required        pam_unix.so             no_warn try_first_pass 
nullok
+auth           sufficient      pam_unix.so             no_warn try_first_pass 
nullok
 
Thank you very much for any hints!

	-mi