[3221] in Kerberos-V5-bugs

home help back first fref pref prev next nref lref last post

krb5-admin/966: Bogus use of krb5_defkeyname in kadmin

daemon@ATHENA.MIT.EDU (cross@distal.com)
Sat Jun 9 23:43:19 2001

Resent-From: gnats@rt-11.mit.edu (GNATS Management)
Resent-To: krb5-unassigned@rt-11.mit.edu
Resent-Reply-To: krb5-bugs@MIT.EDU, cross@distal.com
Message-Id: <200106100342.f5A3g2I12331@harmony.distal.com>
Date: Sat, 9 Jun 2001 23:42:02 -0400 (EDT)
From: cross@distal.com
Reply-To: cross@distal.com
To: krb5-bugs@mit.edu
Cc: cross@distal.com


>Number:         966
>Category:       krb5-admin
>Synopsis:       kadmin does something that's unclean, and noted as such
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    krb5-unassigned
>State:          open
>Class:          sw-bug
>Submitter-Id:   unknown
>Arrival-Date:   Sat Jun  9 23:43:01 EDT 2001
>Last-Modified:
>Originator:     Chris P. Ross
>Organization:
>Release:        krb5-1.2.2
>Environment:
System: BSD/OS harmony.distal.com 4.2 BSDI BSD/OS 4.2 Kernel #0: Tue May 22 18:36:31 EDT 2001 cross@harmony.distal.com:/data/src/bsdi/sys/compile/SERVER i386


>Description:
	kadmin uses the library internal symbol krb5_defkeyname internally.
It is noted in the comments that this is bad, and should go.  So, I removed
it.  It's a little unclean as I have to take the response to krb5_kt_default_name
and prepend WR to it (since it has FILE:).  There may be a cleaner way to
do this.  Please let me know if you have an alternate method to accomplish
this.  But, this does work as expected...
>How-To-Repeat:
	N/A
>Fix:

Index: kadmin.c
===================================================================
RCS file: /data/cvsroot/usr.local/krb5/src/kadmin/cli/kadmin.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 kadmin.c
--- kadmin.c	2001/05/24 04:32:54	1.1.1.1
+++ kadmin.c	2001/06/10 03:36:15
@@ -436,13 +436,6 @@
 		 "while registering writable key table functions");
 	 exit(1);
     }
-    {
-#define DEFAULT_KEYTAB "WRFILE:/etc/krb5.keytab"
-	 /* XXX krb5_defkeyname is an internal library global and
-            should go away */
-	 extern char *krb5_defkeyname;
-	 krb5_defkeyname = DEFAULT_KEYTAB;
-    }
     
     return query;
 }
Index: keytab.c
===================================================================
RCS file: /data/cvsroot/usr.local/krb5/src/kadmin/cli/keytab.c,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 keytab.c
--- keytab.c	2001/05/24 04:32:54	1.1.1.1
+++ keytab.c	2001/06/10 03:35:36
@@ -51,7 +51,6 @@
 			    *princ_str, char *kvno_str);
 static char *etype_string(krb5_enctype enctype);
 
-extern char *krb5_defkeyname;	 
 extern char *whoami;
 extern krb5_context context;
 extern void *handle;
@@ -71,45 +70,58 @@
 		   krb5_keytab *keytab) 
 {
      int code;
+     char *tmp;
      
      if (*keytab_str == NULL) {
-	  /* XXX krb5_defkeyname is an internal library global and
-             should go away */
-	  if (! (*keytab_str = strdup(krb5_defkeyname))) {
+	  if (! (*keytab_str = malloc(MAXPATHLEN + 10))) {
 	       com_err(whoami, ENOMEM, "while creating keytab name");
 	       return 1;
 	  }
-	  code = krb5_kt_default(context, keytab);
+	  code = krb5_kt_default_name(context, *keytab_str, MAXPATHLEN+10);
 	  if (code != 0) {
-	       com_err(whoami, code, "while opening default keytab");
+	       com_err(whoami, code, "while getting default keytab name");
 	       free(*keytab_str);
 	       return 1;
 	  }
-     } else {
-	  if (strchr(*keytab_str, ':') != NULL) {
-	       *keytab_str = strdup(*keytab_str);
-	       if (*keytab_str == NULL) {
-		    com_err(whoami, ENOMEM, "while creating keytab name");
-		    return 1;
-	       }
-	  } else {
-	       char *tmp = *keytab_str;
+
+	  /* Likely to be 'FILE:...' - Fix it up to be 'WRFILE:...' */
+	  if (!strncmp(*keytab_str, "FILE:", 5)) {
+	       tmp = *keytab_str;
 
 	       *keytab_str = (char *)
-		    malloc(strlen("WRFILE:")+strlen(tmp)+1);
+		    malloc(strlen("WR")+strlen(tmp)+1);
 	       if (*keytab_str == NULL) {
 		    com_err(whoami, ENOMEM, "while creating keytab name");
 		    return 1;
 	       }
-	       sprintf(*keytab_str, "WRFILE:%s", tmp);
+	       sprintf(*keytab_str, "WR%s", tmp);
+	       free(tmp);
 	  }
-	  
-	  code = krb5_kt_resolve(context, *keytab_str, keytab);
-	  if (code != 0) {
-	       com_err(whoami, code, "while resolving keytab %s", *keytab_str);
-	       free(keytab_str);
+     }
+
+     if (strchr(*keytab_str, ':') != NULL) {
+	  *keytab_str = strdup(*keytab_str);
+	  if (*keytab_str == NULL) {
+	       com_err(whoami, ENOMEM, "while creating keytab name");
+	       return 1;
+	  }
+     } else {
+	  tmp = *keytab_str;
+
+	  *keytab_str = (char *)
+	       malloc(strlen("WRFILE:")+strlen(tmp)+1);
+	  if (*keytab_str == NULL) {
+	       com_err(whoami, ENOMEM, "while creating keytab name");
 	       return 1;
 	  }
+	  sprintf(*keytab_str, "WRFILE:%s", tmp);
+     }
+	  
+     code = krb5_kt_resolve(context, *keytab_str, keytab);
+     if (code != 0) {
+	  com_err(whoami, code, "while resolving keytab %s", *keytab_str);
+	  free(keytab_str);
+	  return 1;
      }
      
      return 0;
>Audit-Trail:
>Unformatted:
home help back first fref pref prev next nref lref last post