[2079] in Kerberos-V5-bugs

home help back first fref pref prev next nref lref last post

K5b6 - Windows 3.1 and kpasswd

daemon@ATHENA.MIT.EDU (Doug Engert)
Mon Jul 8 11:48:54 1996

Date: Mon, 8 Jul 1996 10:48:33 -0500
From: Doug Engert <DEEngert@anl.gov>
To: krb5-bugs@MIT.EDU


I now have the Windows 3.1 CNS.EXE program working, including the ability
to change passwords. This took a number of changes of which the main
one is included in this note. (The others will be send in following notes.)
 
Prior to these changes the CNS change password code would produce the
message "Bad format in credentials cache while changeing password"

This appears to come from some strange logic in lib/kadm/adm_connect.c:

    /*
     * We only need to resolve the credentials cache if one hasn't
     * been supplied to us.
     */
    if (!(*ccache) && (kret = krb5_cc_resolve(kcontext, new_cache, ccache)))
    goto cleanup;
 
    /* XXX assumes a file ccache */
    if ((kret = krb5_cc_get_principal(kcontext, *ccache, &tprinc)) ==
    KRB5_FCC_NOFILE)
    kret = krb5_cc_initialize(kcontext, *ccache, *client);

The above says, if we don't have a cache, lets get the principal
from it, first, which will fail, then we will initialize it. 
This does not work under windows.
 The following says if we don't have a cache, initialize it, then 
continue. 

*** ./lib/kadm/,adm_conn.c  Mon Oct  2 14:33:06 1995
--- ./lib/kadm/adm_conn.c   Mon Jul  8 08:57:19 1996
***************
*** 145,152 ****
       * We only need to resolve the credentials cache if one hasn't
       * been supplied to us.
       */
!     if (!(*ccache) && (kret = krb5_cc_resolve(kcontext, new_cache, ccach
e)))
!   goto cleanup;
 
      /* XXX assumes a file ccache */
      if ((kret = krb5_cc_get_principal(kcontext, *ccache, &tprinc)) ==
--- 145,157 ----
       * We only need to resolve the credentials cache if one hasn't
       * been supplied to us.
       */
!     if (!(*ccache)) {
!       if (kret = krb5_cc_resolve(kcontext, new_cache, ccache))
!           goto cleanup;
!       if (kret = krb5_cc_initialize(kcontext, *ccache, *client))
!           goto cleanup;
!   }
!   else
 
      /* XXX assumes a file ccache */
      if ((kret = krb5_cc_get_principal(kcontext, *ccache, &tprinc)) ==


The above changes has been tested on Windows 3.1, with the CNS.EXE,
and on AIX 4.1.4. with the kpasswd command.

 
 Douglas E. Engert  <DEEngert@anl.gov>
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439 
 (708) 252-5444
 PGP Key fingerprint =  20 2B 0C 78 43 8A 9C A6  29 F7 A3 6D 5E 30 A6 7F
home help back first fref pref prev next nref lref last post