[251] in Kerberos-V5-bugs
V4->V5 krb_rd_req patch
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Thu Nov 12 17:41:42 1992
Date: Thu, 12 Nov 92 17:14:54 -0500
From: "Barry Jaspan" <bjaspan@Athena.MIT.EDU>
To: kerberos@Athena.MIT.EDU, krb5-bugs@Athena.MIT.EDU
In V4, an instance of * to krb_rd_req used the first entry in the
srvtab file with a matching service name. This patch to
lib/krb425/rd_req.c implements that behavior. (The current behavior
in B2, using the fully canonicalized hostname of the server, appears
to be wrong in just about every case.)
Barry Jaspan
Aktis, Inc.
===================================================================
RCS file: RCS/rd_req.c,v
retrieving revision 5.11
diff -c -r5.11 rd_req.c
*** 5.11 1992/11/05 23:45:14
--- rd_req.c 1992/11/12 22:09:24
***************
*** 1,6 ****
/*
* $Source: /ua/software/src/krb5.src.B2/src/lib/krb425/RCS/rd_req.c,v $
! * $Author: jik $
*
* Copyright 1990,1991 by the Massachusetts Institute of Technology.
* All Rights Reserved.
--- 1,6 ----
/*
* $Source: /ua/software/src/krb5.src.B2/src/lib/krb425/RCS/rd_req.c,v $
! * $Author: bjaspan $
*
* Copyright 1990,1991 by the Massachusetts Institute of Technology.
* All Rights Reserved.
***************
*** 27,33 ****
#if !defined(lint) && !defined(SABER)
static char rcsid_rd_req_c[] =
! "$Id: rd_req.c,v 5.11 1992/11/05 23:45:14 jik Submitted $";
#endif /* !lint & !SABER */
#include "krb425.h"
--- 27,33 ----
#if !defined(lint) && !defined(SABER)
static char rcsid_rd_req_c[] =
! "$Id: rd_req.c,v 5.13 1992/11/12 22:09:04 bjaspan Exp $";
#endif /* !lint & !SABER */
#include "krb425.h"
***************
*** 77,102 ****
if (r = krb5_get_default_realm(&_krb425_local_realm))
return(krb425error(r));
! if (!strcmp(instance, "*")) {
! static char hostname[64] = { 0 };
! if (!hostname[0]) {
! struct hostent *h;
!
! gethostname(hostname, sizeof(hostname));
! if (h = gethostbyname(hostname)) {
! char *p;
!
! strncpy(hostname, h->h_name, sizeof(hostname));
! hostname[sizeof(hostname)-1] = 0;
! p = hostname;
! do {
! if (isupper(*p)) *p=tolower(*p);
! } while (*p++);
! }
! }
! instance = hostname;
}
if (r = krb5_build_principal(&server,
strlen(_krb425_local_realm),
_krb425_local_realm,
--- 77,134 ----
if (r = krb5_get_default_realm(&_krb425_local_realm))
return(krb425error(r));
! /* This used to be later, but we need the keytab name to */
! /* convert a "*" instance */
! if (!fn) {
! use_set_key = 1;
! fn = (char *)0;
! } else if (!*fn) {
! fn = (char *)0;
! } else {
! strcpy(file_name, "FILE:");
! strncpy(file_name + 5, fn, MAXPATHLEN);
! file_name[sizeof(file_name)-1] = '\0';
! fn = file_name;
! }
! /*
! * If the instance is "*", look through the keytab for the
! * first entry with a matching service, and use the
! * corresponding instance. This is standard V4 behavior, but
! * this library didn't implement it as of B2.
! */
! if (!strcmp(instance, "*")) {
! static char buf[64] = { 0 };
! krb5_keytab ktid;
! krb5_kt_cursor cur;
! krb5_keytab_entry entry;
!
! r = krb5_kt_resolve(fn, &ktid);
! if (r) return krb425error(r);
!
! r = krb5_kt_start_seq_get(ktid, &cur);
! if (r) return krb425error(r);
!
! while ((r = krb5_kt_next_entry(ktid, &entry, cur)) == 0) {
! if (krb5_princ_size(entry.principal) == 2 &&
! strcmp(krb5_princ_component(entry.principal,0)->data,
! service) == 0)
! break;
! }
!
! if (r) {
! if (r == KRB5_KT_END)
! krb5_kt_end_seq_get(ktid, cur);
! return krb425error(KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN);
! }
!
! r = krb5_kt_end_seq_get(ktid, cur);
! if (r) return krb425error(r);
!
! strcpy(buf, krb5_princ_component(entry.principal, 1)->data);
! instance = buf;
}
+
if (r = krb5_build_principal(&server,
strlen(_krb425_local_realm),
_krb425_local_realm,
***************
*** 108,124 ****
authe.length = authent->length;
authe.data = (char *)authent->dat;
- if (!fn) {
- use_set_key = 1;
- fn = (char *)0;
- } else if (!*fn) {
- fn = (char *)0;
- } else {
- strcpy(file_name, "FILE:");
- strncpy(file_name + 5, fn, MAXPATHLEN);
- file_name[sizeof(file_name)-1] = '\0';
- fn = file_name;
- }
#ifdef EBUG
EPRINT "Calling krb5_rd_req with:\n");
--- 140,145 ----
