[1204] in Kerberos
Nasty gotcha in krb_recvauth()
daemon@ATHENA.MIT.EDU (John Paul Hascall)
Mon Jan 21 01:15:13 1991
Date: 21 Jan 91 03:05:16 GMT
From: john@iastate.edu (John Paul Hascall)
To: kerberos@shelby.Stanford.EDU
Imagine you have a client and a server which have managed to get a
socket connected between themselves. The server does krb_recvauth()
expecting the client to do krb_sendauth(), but, for whatever reason,
the client exits closing the socket. Now krb_recvauth() returns
KSUCCESS which is clearly inappropriate.
How does this happen, you ask?
In rather rough pseudo-code:
krb_sendauth(...) {
if (krb_net_read(...nbytes) != nbytes) {
return (errno);
}
:
}
krb_net_read() does a read(), returns the number of bytes read,
the test fails and it returns errno. Only two problems:
1) errno, having not been set, is still zero
2) KSUCCESS is also zero
A work-around:
ticket.length = 0;
kstat = krb_recvauth(... &ticket, ...);
if ((kstat == 0) && (ticket.length == 0)) kstat = RD_AP_UNDEC;
Of course, the right way to fix it would be to do something like this:
if (krb_net_read(...nbytes) != nbytes) {
return ((errno != 0) ? errno : RD_AP_UNDEC);
}
in the appropriate locations in krb_recvauth().
--john
--
John Hascall An ill-chosen word is the fool's messenger.
Project Vincent
Iowa State University Computation Center john@iastate.edu
Ames, IA 50011 (515) 294-9551
