[2119] in Kerberos-V5-bugs
Linux
daemon@ATHENA.MIT.EDU (Tom Hamilton)
Mon Jul 29 15:26:33 1996
Date: Mon, 29 Jul 1996 14:26:15 -0500 (EST)
To: krb5-bugs@MIT.EDU
From: Tom Hamilton <thamilt@indiana.edu>
Ok, I have just started on this mailing list, and I couldn't find an
archive of mail on MIT passed 1992 where the word Linux was mentioned
one time. I would love it if someone has a patch kit for linux.
Given
the appearance of "rootkits" used to break into systems I am trying to
beef
up a few computers....
#1 -----------
The one compile flaw I found for Linux centered around the definition
of
fd_set which (apparently on most other systems is a struct) This only
cropped up in /src/appl/gssftp/ftp/ftp.c
Linux declares the following in <<linux/posix_types.h>
typedef struct {
unsigned long fds_bits [__FDSET_LONGS];
} __kernel_fd_set;
and <<linux/types.h> declares
<bold>
typedef __kernel_fd_set fd_set;
</bold>So I just had to go through ftp.d replacing "struct fd_set" with
fd_set
for it to compile (And add #include <<linux/types.h> at the top of
ftp.c>
#2 -----------<bold>
</bold>The make file in /src/appl/gssftp/ftp has the following
lines<bold>
prefix=/usr/local
ADMIN_BINDIR = $(INSTALL_EXEC_PREFIX)/sbin
</bold>I am getting around to saying that after I did a make install
everything
installed in /usr/local/sbin instead of "/usr/local/admin" as stated on
Page 25
of the Kerberos "installation.ps" Dated March 20, 1996.
Any cause for alaram ?
#3 -----------------------
When I did "make check" the encryption tests and comparisons seemed to
go fine
until a line appearing something like "SHS"<bold>
here... (results of make check)
...
>7 tests passed successfully for MD5.
>./t_cksum "this is a test"
>correct MD5 checksum("this is a test") =
>b33594b9ba342c5a89ae108e0c50542e29ef139
>abee9caa3
>old MD5 checksum("this is a test") = f3e6358b3548f822f92f54f96acd7418
>Verify succeeded for "this is a test"
>Compatible checksum verify succeeded for "this is a test"
>Verify of bad checksum OK for "this is a test"
>Compatible checksum verify of altered checksum OK for "this is a
test"
>1 tests passed successfully for MD5 checksum
>make[3]: Leaving directory
>`/usr/src/athena/krb5-beta6/src/lib/crypto/md5'
>checking in lib/crypto/sha...
>make[3]: Entering directory
>`/usr/src/athena/krb5-beta6/src/lib/crypto/sha'
>./t_shs -x
>Running SHS test 1 ...
>SHS test 1 failed
>make[3]: *** [check-unix] Error 255
>make[3]: Leaving directory
>`/usr/src/athena/krb5-beta6/src/lib/crypto/sha'
>make[2]: *** [check-unix] Error 1
>make[2]: Leaving directory
`/usr/src/athena/krb5-beta6/src/lib/crypto'
>make[1]: *** [check-unix] Error 1
>make[1]: Leaving directory `/usr/src/athena/krb5-beta6/src/lib'
>make: *** [check-unix] Error 1
</bold>IF the SHS tests are part of the tests that use rlogin (as
mentionetoon page 8)
then it might be a good idea to specifically mention this, or describe
what kind
of setup needs to be done for this to work.<bold>
</bold>#4 -----------------------<bold>
</bold>Next Big problem
After compiling "/src/admin/create/kdb5_create.c" when I run
kdb5_create
I get a nasty "Segmentation fault". No problem, I thought I would
just
put in a few printfs and track it down.
Here's the kicker for me, because I have never seen anything like it.
Even if I backup the original kd5_create.c and replace it with...
void main ( void )
{
printf ("Testing\n");
}
I still will get a segmentation faults when run after compiling.
(ps. yes I did erase the binary which was originally produced)
When I do a make after this change I get a
>make
>cc -L./../../lib -L./../../lib -o kdb5_create kdb5_create.o -lkadm
-lkdb5 -
>lkrb5 -ldbm -ldbm -lcrypto -lcom_err
Am I to conclude that one of these libs that are being linked in is
causing this.
I mean I have Never seen a program just "segment fault" with out (ME)
doing
something goofy like have uninitialized pointers or forgetting to
convieniently
update what ever data structure I am working with....
Am I to conclude that I will need to dig a little deeper to get this to
work.. ?
Any help you can shed would be appreciated...
-Tom Hamilton
<bold>
</bold>
-+=+---+=+---+=+---+=+---+=+---+=+---+=+---+=+---+=+---+=+---+=+---+=+-
Tom Hamilton / Computing Services |
Indiana University East | Very funny Scotty,
thamilt@indiana.edu | Now beam down my clothes.
root@ravenloft.iue.indiana.edu | -Capt Kirk
