[rt-users] [bug report] intermittent login / sessioning problem

[Rick Bradley]

* Rick Bradley (rt-users at rickbradley.com) [020927 08:38]:
> > Bug Report Summary
> > ------------------
> > Behavior Expected:  Web interface should allow logins for known active
> >                     users
> > Behavior Observed:  Periodically the web interface will deny logins
> >                     for any valid user, returning a "Your username or
> >                     password is incorrect" message.  Once a sequence
> >                     of steps is taken (described below) the problem
> >                     disappears.  The problem recurs periodically.
> > Versions:           RT-2.0.14 from source, Debian Linux (kernel SMP
> >                     2.4.19), Apache 1.3.26, MySQL 3.23.52

We were able to track down what appears to be the origin of this
problem.  Via the modperl list [0] (mostly off-list) we received some
assistance which suggested that crypt() is indeed not reentrant, but
that there is a common reentrant crypt() which some Perl's support.
Following up further we found that we appear to have a reentrant crypt()
that appears to be recognized by Perl but are still having the problem.

Additional research turned up a problem in Linux's glibc implementation
of crypt() which already has a workaround implemented for bleeding edge
Perls. [1] 

With respect to RT I consider this issue resolved.

[0] http://marc.theaimsgroup.com/?l=apache-modperl&m=103367209622204&w=2
[1] http://marc.theaimsgroup.com/?l=perl5-porters&m=103012185631309&w=2

Rick
-- 
 http://www.rickbradley.com    MUPRN: 753    (59F/57F)
                       |  good little girl much
   random email haiku  |  less a sinner like you!). No
                       |  packing as of yet.