[16801] in Kerberos-V5-bugs
[krbdev.mit.edu #9037] Race condition in krb5_set_password()
daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Fri Nov 12 13:05:06 2021
From: "Greg Hudson via RT" <rt@kerborg-prod-app-1.mit.edu>
In-Reply-To: <rt-4.4.3-2-4141960-1636662007-1749.9037-5-0@kerborg-prod-app-1.mit.edu>
Message-ID: <rt-4.4.3-2-71932-1636740280-1540.9037-5-0@kerborg-prod-app-1.mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #9037":;
Date: Fri, 12 Nov 2021 13:04:40 -0500
MIME-Version: 1.0
Reply-To: rt@kerborg-prod-app-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
<URL: http://kerborg-prod-app-1.mit.edu/rt/Ticket/Display.html?id=9037 >
After some thought, I think a reasonable strategy is to try TCP only, and
after that completely fails, try UDP only. This will have terrible
performance if TCP/464 is blackholed, but it will at least work.
I can see two basic implementation directions: we could define a new
k5_transport_strategy and handle this within k5_sendto(), or we could make two
separate calls to k5_sendto(). The latter option still requires an adjustment
to the internal k5_locate/k5_sendto APIs since we can't currently ask for UDP
only.
This plan does not rule out potential TCP-only races involving multiple admin
servers, but I think we can defer worrying about that until it becomes a real
issue.
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
