Problem with shibboleth 2.5.1 and starting a NativeSPTCPListener on Solaris 10

Christopher Bongaarts cab at umn.edu
Thu Feb 14 15:11:51 EST 2013 

On 2/14/2013 12:06 PM, Michael McManaman wrote:

> We have a number of shib 2.5.1 solaris 10 builds - which includes the
> stlport4 libraries and the needed boost headers  (as documented) - built
> with both gcc and the sun compiler, in both 32 & 64 bit, and are
> encountering an error when we try to start an SP TCP Listener.
>
> The error, as seen in the logs is as follows:
>
> INFO Shibboleth.Listener : listener service starting
> ERROR Shibboleth.Listener : socket call (bind) resulted in error (22):
> Invalid argument
> CRIT Shibboleth.Listener : failed to bind to socket.

Looks like you're running afoul of a fix intended for another platform. 
  EINVAL on bind() for sol10 is either a bad sockaddr size parameter, or 
the socket is already bound.  The former looks to be the issue here. 
shibsp/remoting/impl/TCPListener.cpp line 209-219:

	// Newer BSDs require the struct length be passed based on the socket 
address.
	// Others have no field for that and take the whole struct size like 
Windows does.
	# ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
  	# ifdef HAVE_STRUCT_SOCKADDR_STORAGE
  	if (::bind(s, (const struct sockaddr*)&m_sockaddr, m_sockaddr.ss_len) 
< 0) {
  	# else
  	if (::bind(s, (const struct sockaddr*)&m_sockaddr, 
m_sockaddr.sin_len) < 0) {
  	# endif
  	# else
  	if (::bind(s, (const struct sockaddr*)&m_sockaddr, 
sizeof(m_sockaddr)) < 0) {
  	# endif


On my solaris 10 box, it looks like HAVE_STRUCT_SOCKADDR_SA_LEN should 
not be defined, and it would compile the third bind, which would be 
correct (previous versions of shib always used it).  It does look like 
HAVE_STRUCT_SOCKADDR_STORAGE would be defined, so if you happened to be 
picking up the sockaddr.sa_len somehow (maybe dig through your 
configure.log) it would try to use one of the other fields, which may 
not be correct.

And since this change was specific to the TCPListener, the UNIXListener 
would not be affected.

The quick and dirty fix would be to remove the above code except for the 
third bind; a better fix would be to figure out if autoconf is finding 
things the code can't.

-- 
%%  Christopher A. Bongaarts   %%  cab at umn.edu          %%
%%  OIT - Identity Management  %%  http://umn.edu/~cab  %%
%%  University of Minnesota    %%  +1 (612) 625-1809    %%

More information about the users mailing list