[OpenAFS] 14 Jan 2021 08:25:36 GMT Breakage in RX Connection ID calculation

Heinz-Ado Arnolds arnolds@MPA-Garching.MPG.DE
Thu, 14 Jan 2021 18:57:29 +0100


This is a cryptographically signed message in MIME format.

--------------ms010104060107020702020107
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

P.S.: I get timeouts with ssh logins even between patched 1.8.6 clients d=
uring aklog (tested by commenting aklog from pam settings -> no timeout).=
 Token was obtained after timeout.

Cheers and thanks again,

Ado

Heinz-Ado Arnolds wrote on 14.01.21 18:45:
> Dear Jeffrey,
>=20
> many thanks for your fast response from Germany too!
>=20
> When issuing "vos listvol <server>" on a patched 1.8.6 client to an 1.6=
=2E22.1 <server>, I still get "Could not get the list of partitions from =
the server. Possible communication failure". The same command works from =
a client running 1.6.23.
>=20
> I'm still having problems when doing an ssh from a patched 1.8.6 client=
 to a server running an unpatched 1.8.6 and vice versa. The login process=
 hangs during aklog. That means both machines have to run a patched 1.8.6=
?
>=20
> Thanks and cheers,
>=20
> Ado
>=20
> Neil Brown wrote on 14.01.21 18:19:
>> On Thu, 14 Jan 2021, Jeffrey E Altman wrote:
>>
>>> Patches to correct the flaw are available from OpenAFS Gerrit
>>>
>>> =C2=A0https://gerrit.openafs.org/14491
>>> =C2=A0rx: rx_InitHost do not overwrite RAND_bytes rx_nextCid
>>>
>>> =C2=A0https://gerrit.openafs.org/14492
>>> =C2=A0rx: update_nextCid overflow handling is broken
>>
>> Jeffrey,
>>
>> Informatics at the University of Edinburgh, are very grateful for you =
and AuriStor's quick response to this, as I'm sure are many other members=
 of this list.
>>
>> Also thanks, to the other members of this list with their efforts in d=
iagnosing the root cause.
>>
>> Hopefully we'll be able to try a patched version tomorrow.
>>
>> Thanks again,
>>
>> Neil
>=20


--------------ms010104060107020702020107
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC
EHAwggUSMIID+qADAgECAgkA4wvV+K8l2YEwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYT
AkRFMSswKQYDVQQKDCJULVN5c3RlbXMgRW50ZXJwcmlzZSBTZXJ2aWNlcyBHbWJIMR8wHQYD
VQQLDBZULVN5c3RlbXMgVHJ1c3QgQ2VudGVyMSUwIwYDVQQDDBxULVRlbGVTZWMgR2xvYmFs
Um9vdCBDbGFzcyAyMB4XDTE2MDIyMjEzMzgyMloXDTMxMDIyMjIzNTk1OVowgZUxCzAJBgNV
BAYTAkRFMUUwQwYDVQQKEzxWZXJlaW4genVyIEZvZXJkZXJ1bmcgZWluZXMgRGV1dHNjaGVu
IEZvcnNjaHVuZ3NuZXR6ZXMgZS4gVi4xEDAOBgNVBAsTB0RGTi1QS0kxLTArBgNVBAMTJERG
Ti1WZXJlaW4gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtg1/9moUHN0vqHl4pzq5lN6mc5WqFggEcVToyVsuXPztNXS43O+FZs
FVV2B+pG/cgDRWM+cNSrVICxI5y+NyipCf8FXRgPxJiZN7Mg9mZ4F4fCnQ7MSjLnFp2uDo0p
eQcAIFTcFV9Kltd4tjTTwXS1nem/wHdN6r1ZB+BaL2w8pQDcNb1lDY9/Mm3yWmpLYgHurDg0
WUU2SQXaeMpqbVvAgWsRzNI8qIv4cRrKO+KA3Ra0Z3qLNupOkSk9s1FcragMvp0049ENF4N1
xDkesJQLEvHVaY4l9Lg9K7/AjsMeO6W/VRCrKq4Xl14zzsjz9AkH4wKGMUZrAcUQDBHHWekC
AwEAAaOCAXQwggFwMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUk+PYMiba1fFKpZFK4OpL
4qIMz+EwHwYDVR0jBBgwFoAUv1kgNgB5oKAia4zV8mHSuCzLgkowEgYDVR0TAQH/BAgwBgEB
/wIBAjAzBgNVHSAELDAqMA8GDSsGAQQBga0hgiwBAQQwDQYLKwYBBAGBrSGCLB4wCAYGZ4EM
AQICMEwGA1UdHwRFMEMwQaA/oD2GO2h0dHA6Ly9wa2kwMzM2LnRlbGVzZWMuZGUvcmwvVGVs
ZVNlY19HbG9iYWxSb290X0NsYXNzXzIuY3JsMIGGBggrBgEFBQcBAQR6MHgwLAYIKwYBBQUH
MAGGIGh0dHA6Ly9vY3NwMDMzNi50ZWxlc2VjLmRlL29jc3ByMEgGCCsGAQUFBzAChjxodHRw
Oi8vcGtpMDMzNi50ZWxlc2VjLmRlL2NydC9UZWxlU2VjX0dsb2JhbFJvb3RfQ2xhc3NfMi5j
ZXIwDQYJKoZIhvcNAQELBQADggEBAIcL/z4Cm2XIVi3WO5qYi3FP2ropqiH5Ri71sqQPrhE4
eTizDnS6dl2e6BiClmLbTDPo3flq3zK9LExHYFV/53RrtCyD2HlrtrdNUAtmB7Xts5et6u5/
MOaZ/SLick0+hFvu+c+Z6n/XUjkurJgARH5pO7917tALOxrN5fcPImxHhPalR6D90Bo0fa3S
PXez7vTXTf/D6OWST1k+kEcQSrCFWMBvf/iu7QhCnh7U3xQuTY+8npTD5+32GPg8SecmqKc2
2CzeIs2LgtjZeOJVEqM7h0S2EQvVDFKvaYwPBt/QolOLV5h7z/0HJPT8vcP9SpIClxvyt7bP
ZYoaorVyGTkwggWNMIIEdaADAgECAgwcOtRQhH7u81j4jncwDQYJKoZIhvcNAQELBQAwgZUx
CzAJBgNVBAYTAkRFMUUwQwYDVQQKEzxWZXJlaW4genVyIEZvZXJkZXJ1bmcgZWluZXMgRGV1
dHNjaGVuIEZvcnNjaHVuZ3NuZXR6ZXMgZS4gVi4xEDAOBgNVBAsTB0RGTi1QS0kxLTArBgNV
BAMTJERGTi1WZXJlaW4gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjAeFw0xNjExMDMxNTI0
NDhaFw0zMTAyMjIyMzU5NTlaMGoxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZCYXllcm4xETAP
BgNVBAcMCE11ZW5jaGVuMSAwHgYDVQQKDBdNYXgtUGxhbmNrLUdlc2VsbHNjaGFmdDEVMBMG
A1UEAwwMTVBHIENBIC0gRzAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhx4
59Lh4WqgOs/Md04XxU2yFtfM15ZuJV0PZP7BmqSJKLLPyqmOrADfNdJ5PIGBto2JBhtRRBHd
G0GROOvTRHjzOga95WOTeura79T21FWwwAwa29OFnD3ZplQs6HgdwQrZWNi1WHNJxn/4mA19
rNEBUc5urSIpZPvZi5XmlF3v3JHOlx3KWV7mUteB4pwEEfGTg4npPAJbp2o7arxQdoIq+Pu2
OsvqhD7Rk4QeaX+EM1QS4lqd1otW4hE70h/ODPy1xffgbZiuotWQLC6nIwa65Qv6byqlIX0q
Zuu99Vsu+r3sWYsL5SBkgecNI7fMJ5tfHrjoxfrKl/ErTAt8GQIDAQABo4ICBTCCAgEwEgYD
VR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0gBCIwIDANBgsrBgEEAYGt
IYIsHjAPBg0rBgEEAYGtIYIsAQEEMB0GA1UdDgQWBBTEiKUH7rh7qgwTv9opdGNSG0lwFjAf
BgNVHSMEGDAWgBST49gyJtrV8UqlkUrg6kviogzP4TCBjwYDVR0fBIGHMIGEMECgPqA8hjpo
dHRwOi8vY2RwMS5wY2EuZGZuLmRlL2dsb2JhbC1yb290LWcyLWNhL3B1Yi9jcmwvY2Fjcmwu
Y3JsMECgPqA8hjpodHRwOi8vY2RwMi5wY2EuZGZuLmRlL2dsb2JhbC1yb290LWcyLWNhL3B1
Yi9jcmwvY2FjcmwuY3JsMIHdBggrBgEFBQcBAQSB0DCBzTAzBggrBgEFBQcwAYYnaHR0cDov
L29jc3AucGNhLmRmbi5kZS9PQ1NQLVNlcnZlci9PQ1NQMEoGCCsGAQUFBzAChj5odHRwOi8v
Y2RwMS5wY2EuZGZuLmRlL2dsb2JhbC1yb290LWcyLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNy
dDBKBggrBgEFBQcwAoY+aHR0cDovL2NkcDIucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1j
YS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwDQYJKoZIhvcNAQELBQADggEBABLpeD5FygzqOjj+
/lAOy20UQOGWlx0RMuPcI4nuyFT8SGmK9lD7QCg/HoaJlfU/r78ex+SEide326evlFAoJXIF
jVyzNltDhpMKrPIDuh2N12zyn1EtagqPL6hu4pVRzcBpl/F2HCvtmMx5K4WN1L1fmHWLcSap
dhXLvAZ9RG/B3rqyULLSNN8xHXYXpmtvG0VGJAndZ+lj+BH7uvd3nHWnXEHC2q7iQlDUqg0a
wIqWJgdLlx1Q8Dg/sodv0m+LN0kOzGvVDRCmowBdWGhhusD+duKV66pBl+qhC+4LipariWaM
qK5ppMQROATjYeNRvwI+nDcEXr2vDaKmdbxgDVwwggXFMIIEraADAgECAgwfARBoouvwcIaZ
nMQwDQYJKoZIhvcNAQELBQAwajELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJheWVybjERMA8G
A1UEBwwITXVlbmNoZW4xIDAeBgNVBAoMF01heC1QbGFuY2stR2VzZWxsc2NoYWZ0MRUwEwYD
VQQDDAxNUEcgQ0EgLSBHMDIwHhcNMTgwNDI2MDg1MDMzWhcNMjEwNDI1MDg1MDMzWjCBmzEL
MAkGA1UEBhMCREUxIDAeBgNVBAoMF01heC1QbGFuY2stR2VzZWxsc2NoYWZ0MS0wKwYDVQQL
DCRNYXgtUGxhbmNrLUluc3RpdHV0IGZ1ZXIgQXN0cm9waHlzaWsxHzAdBgNVBAsMFk5ldHdv
cmsgQWRtaW5pc3RyYXRpb24xGjAYBgNVBAMMEUhlaW56LUFkbyBBcm5vbGRzMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Gd4Ul1UX/c2t8LM56/sHlksOdRbd0qRLL5dtEeC
A8Un19eiVHByLegU019QZraf3m2wFNiB010qFh7JK0lArLRZ18wn7rXg5KE9yuw3/qOwd0uh
RPsoBYbGu8D+OPbvyRiHUhzMOZXwZCb1CC4b6Vl3ARC9ovNmgN8OfBFp7Yt5rTW89Js4D2o7
COwxfa8ZkQyfS93yoOUaWEMOAgYujxeOWjiLgUi7QpNS2gKkWDFN9R/jkCFcmgL1OjOsyqUW
EtZgyIMFRkKrskIT1NbRo/9Sd2OlPH/V/MkzfLZ5AlJGm0KP2EeXmuymA8DwPFh0k2vsq6lQ
zAG5ZkkemaLWVQIDAQABo4ICNzCCAjMwCQYDVR0TBAIwADAOBgNVHQ8BAf8EBAMCBeAwHQYD
VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBSIZVHyo5lA07hN81YOxOVa
u9W7dzAfBgNVHSMEGDAWgBTEiKUH7rh7qgwTv9opdGNSG0lwFjAmBgNVHREEHzAdgRthcm5v
bGRzQG1wYS1nYXJjaGluZy5tcGcuZGUwfQYDVR0fBHYwdDA4oDagNIYyaHR0cDovL2NkcDEu
cGNhLmRmbi5kZS9tcGctZzItY2EvcHViL2NybC9jYWNybC5jcmwwOKA2oDSGMmh0dHA6Ly9j
ZHAyLnBjYS5kZm4uZGUvbXBnLWcyLWNhL3B1Yi9jcmwvY2FjcmwuY3JsMIHNBggrBgEFBQcB
AQSBwDCBvTAzBggrBgEFBQcwAYYnaHR0cDovL29jc3AucGNhLmRmbi5kZS9PQ1NQLVNlcnZl
ci9PQ1NQMEIGCCsGAQUFBzAChjZodHRwOi8vY2RwMS5wY2EuZGZuLmRlL21wZy1nMi1jYS9w
dWIvY2FjZXJ0L2NhY2VydC5jcnQwQgYIKwYBBQUHMAKGNmh0dHA6Ly9jZHAyLnBjYS5kZm4u
ZGUvbXBnLWcyLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDBABgNVHSAEOTA3MA8GDSsGAQQB
ga0hgiwBAQQwEQYPKwYBBAGBrSGCLAEBBAMIMBEGDysGAQQBga0hgiwCAQQDCDANBgkqhkiG
9w0BAQsFAAOCAQEAX9KOwpi+EyuTM6Rb976+t4g1h5zeLmsh0Lxzl3tEUvjeQUQyNWHrfObd
+8zreLAMmDuDe2n7U9pHeE8A3fyAMG9vRxa2EgcHLWAJgNzSQKRqfeUKGUcmBUvKm3jtAJdd
YJgKt/kv4k+B7+QLu+Xnscxg9RrBJayLSMkGjisMCeb8VRYziFN75T7BAV5MsWZGFsU205z6
Ko+W3vAgHMO756cS4nUnkAdBVlN0JN+LgtAsQ3iSWil3G2+z/RIFJ2txwsY1zdrbhTDXvUGd
fyikplwTD9eN70hjM/Z1ZaM7jsbv03siJHYM/k/z0FGBwOA3cbwV9ViOF8YGlNfMIOLt5TGC
A5owggOWAgEBMHowajELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJheWVybjERMA8GA1UEBwwI
TXVlbmNoZW4xIDAeBgNVBAoMF01heC1QbGFuY2stR2VzZWxsc2NoYWZ0MRUwEwYDVQQDDAxN
UEcgQ0EgLSBHMDICDB8BEGii6/BwhpmcxDANBglghkgBZQMEAgEFAKCCAfEwGAYJKoZIhvcN
AQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjEwMTE0MTc1NzI5WjAvBgkqhkiG
9w0BCQQxIgQgT1BiiAYgrKJt+W32PAISVm5T3vL6Cd7ao/G/9ZueInQwbAYJKoZIhvcNAQkP
MV8wXTALBglghkgBZQMEASowCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMC
AgIAgDANBggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBiQYJKwYBBAGC
NxAEMXwwejBqMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVu
Y2hlbjEgMB4GA1UECgwXTWF4LVBsYW5jay1HZXNlbGxzY2hhZnQxFTATBgNVBAMMDE1QRyBD
QSAtIEcwMgIMHwEQaKLr8HCGmZzEMIGLBgsqhkiG9w0BCRACCzF8oHowajELMAkGA1UEBhMC
REUxDzANBgNVBAgMBkJheWVybjERMA8GA1UEBwwITXVlbmNoZW4xIDAeBgNVBAoMF01heC1Q
bGFuY2stR2VzZWxsc2NoYWZ0MRUwEwYDVQQDDAxNUEcgQ0EgLSBHMDICDB8BEGii6/Bwhpmc
xDANBgkqhkiG9w0BAQEFAASCAQC5gZakHIDhv5H4dXrVf7kdNL0zgO0XaR3yATeeWHABIBy1
pN3G9BkUgyUvlb1xLIMbD5Pz6DmyAgWAvPeQ2Tvt1+Wgzuw7gUU4iIedRvEPK6dqb2T+rd6K
4E9fZmCwR2frdJtBjHfdWGJBEKJwGghwRM8146Rd062K4EVuRtKDW3aVFlcd9UyOAGXZm3LI
/7fXlKiCVwgqfrWzFI/qn1j8Zow6RCm/z0AG4aDc4DnNaagMiEWS/SdzOstcupbX0gtBmRNj
YSlBCBNIO1qbY/fUK2h2U29wYhYEAWcent6kC8jvrSeGKgMXVPlZwpQQ9oZypvM3+I3R2W9M
yHsvYrR6AAAAAAAA
--------------ms010104060107020702020107--