...
|
...
|
@@ -8,6 +8,23 @@ ordered by numbers of ser versions to which they relate,
|
8
|
8
|
beginning with the newest release. Issues related to
|
9
|
9
|
operating systems are summarized in the bottom.
|
10
|
10
|
--------------------------------------------------------------
|
|
11
|
+Desc: tls triggered crash on system with kerberos enabled openssl libs
|
|
12
|
+Ser version: 0.10.x, 0.9.x
|
|
13
|
+Reason: there is a bug in the openssl kerberos code (kssl.c):
|
|
14
|
+ libc malloc/free/calloc are used instead of the OPENSSL
|
|
15
|
+ versions. In ser ssl connections move between processes and
|
|
16
|
+ if normal mallocs are used (instead of ser shm versions) a
|
|
17
|
+ crash will occur eventually.
|
|
18
|
+ Quick openssl kerberos support check:
|
|
19
|
+ grep OPENSSL_NO_KRB5 openssl/opensslconf.h
|
|
20
|
+ If the above command returns no result => openssl is compiled with
|
|
21
|
+ kerberos support.
|
|
22
|
+Workaround: use openssl versions not compiled with kerberos support or
|
|
23
|
+ try a late ser 0.10.x version compiled on the target machine
|
|
24
|
+ (its very important to compile against the same openssl library
|
|
25
|
+ as the one on the target machine)
|
|
26
|
+CVS status: fixed / workarround enabled
|
|
27
|
+--------------------------------------------------------------
|
11
|
28
|
Desc: ser crashes on startup if a group is specified (-g or group=)
|
12
|
29
|
Ser version: <=0.8.12
|
13
|
30
|
Reason: bad copy & paste :-)
|