[1713] in Kerberos-V5-bugs


5.5 bugs

daemon@ATHENA.MIT.EDU (Brian Reitz)
Fri Nov 10 11:22:38 1995

From: Brian Reitz <bdr@cray.com>
To: krb5-bugs@MIT.EDU
Date: Fri, 10 Nov 1995 10:22:10 -0600 (CST)
Cc: bdr@cray.com (Brian Reitz)



I've found a problem in the following code:

	lib/krb5/krb/preauth.c

There is a problem with the initialization of the variable _preauth_systems_.
Because an additional member was added to the krb5_preauth_ops structure
(the addition of _magic_) this initialization was creating problems
for the function _find_preauthenticator()_.  This function was attempting
to spin through all of the available preauthentication types searching
for a match.  It would finish looking if it either found a match or the
type in _preauth_systems_ was -1.  Because the initialization was wrong
this code would spin through memory and eventually die or by chance find
a match and return leaving the caller to bail when trying to call the
preauth function.  The fix is to initialize this structure properly.

This is how the init used to look:

static krb5_preauth_ops preauth_systems[] = {
    {
        0,
        KRB5_PADATA_ENC_UNIX_TIME,
        KRB5_PREAUTH_FLAGS_ENCRYPT,
        get_unixtime_padata,
        verify_unixtime_padata,
    },
    {
        0,
        KRB5_PADATA_ENC_SANDIA_SECURID,
        KRB5_PREAUTH_FLAGS_ENCRYPT | KRB5_PREAUTH_FLAGS_HARDWARE,
        get_securid_padata,
        verify_securid_padata,
    },
    { -1}
};


This is how it should look so that find_preauthenticator() works properly.

static krb5_preauth_ops preauth_systems[] = {
    {
        0,
        KRB5_PADATA_ENC_UNIX_TIME,
        KRB5_PREAUTH_FLAGS_ENCRYPT,
        get_unixtime_padata,
        verify_unixtime_padata,
    },
    {
        0,
        KRB5_PADATA_ENC_SANDIA_SECURID,
        KRB5_PREAUTH_FLAGS_ENCRYPT | KRB5_PREAUTH_FLAGS_HARDWARE,
        get_securid_padata,
        verify_securid_padata,
    },
    {
        -1,
        -1,
    }
};



I don't see the member _magic_ ever getting used anywhere so perhaps you
have something in mind for it and would rather its value not be -1.  I
just picked -1 for no real reason.  However the type member was not
getting set in the old init and it did need to be set to -1.


I also found a few make targets that messed me up.  The _clean_ target
in both:

		util/et/Makefile
		     -and-
		util/ss/Makefile

ends up removing various .awk and .sed files that it expects really live
in another location, and thus there is a target to replace them.  However
these files do not reside in another directory and doing a make clean will
forever remove them and force you to go back to your tar file and get them!


The following files were removed by make clean in util/et:

		et_c.awk
		et_h.awk

The following files were removed by make clean in util/ss:

		ct_c.sed
		ct_c.awk




As a side note I'm confused about the preauth type KRB5_PADATA_ENC_TIMESTAMP.
I find it used in the k5.5 code by various clients (ksh, kpasswd, kadmin)
when calling krb5_get_in_tkt_with_password yet I do not find this auth
type defined in the _preauth_systems_ structure in preauth.c.  Is this
a new change that is part of your current work that has not been completed?
Perhaps you can shed some light on this for me.

Thanks,



------------------------------------------------------------------------------
Brian Reitz                                     voice: (612) 683-5092
Cray Research Inc                               email: bdr@cray.com 
655F Lone Oak Drive
Eagan, MN, 55121, USA
------------------------------------------------------------------------------
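
The terminator problem reported above, as an added example that is not part of the original message or the Kerberos source: a reduced table shows where the lone -1 lands once _magic_ precedes the type member, and what a length-bounded search returns for each terminator. The struct ops_t, the type values, the names find_bounded and named_table, and the designated-initializer variant are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-in for krb5_preauth_ops (assumption: only the two
 * leading members matter for the lookup; function pointers omitted). */
typedef struct {
    int magic;  /* the member added in front of type */
    int type;   /* preauth type; -1 marks the end of the table */
    int flags;
} ops_t;

enum { PA_A = 1, PA_B = 2 };  /* constructed type values */

/* Old terminator: the single -1 lands in magic, type is zero-filled. */
static const ops_t old_table[]   = { {0, PA_A, 0}, {0, PA_B, 0}, { -1 } };
/* Terminator from the report: magic and type both -1. */
static const ops_t fixed_table[] = { {0, PA_A, 0}, {0, PA_B, 0}, { -1, -1 } };
/* C99 designated initializer: stays correct if members are reordered. */
static const ops_t named_table[] = { {0, PA_A, 0}, {0, PA_B, 0}, { .type = -1 } };

#define COUNT(t) (sizeof(t) / sizeof((t)[0]))

/* Sentinel search bounded by the real array length.
 * Returns the matching index, -1 when the sentinel is reached without a
 * match, or -2 when the table ends with no sentinel (the reported bug;
 * an unbounded loop would keep reading past the array here). */
static int find_bounded(const ops_t *t, size_t n, int type)
{
    for (size_t i = 0; i < n; i++) {
        if (t[i].type == -1)
            return -1;
        if (t[i].type == type)
            return (int)i;
    }
    return -2;
}

int main(void)
{
    printf("old,   type 99: %d\n", find_bounded(old_table, COUNT(old_table), 99));
    printf("old,   type 0:  %d\n", find_bounded(old_table, COUNT(old_table), 0));
    printf("fixed, type 99: %d\n", find_bounded(fixed_table, COUNT(fixed_table), 99));
    printf("named, type 99: %d\n", find_bounded(named_table, COUNT(named_table), 99));
    return 0;
}
```

With the old terminator, a lookup for type 0 matches the terminator entry itself, whose remaining members are zero-filled; this corresponds to the "by chance find a match" case in the report.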
