[405] in Kerberos-V5-bugs
Some bugs, some questions, and a Next.cf
daemon@ATHENA.MIT.EDU (Andrew Gross)
Tue Jan 25 02:12:01 1994
Date: Mon, 24 Jan 94 23:11:45 -0800
From: Andrew Gross <drew@drew.extern.ucsd.edu>
To: krb5-bugs@athena.mit.edu.
Hello,
I have included a Next.cf (OS 3.2) for the config directory, a few patches,
and two comments (not in that order). I apologize in advance if I am
unclear or if I cover something already known. Please feel free to
question my {sanity,observations,patches}.
Are you all interested in mods to make multihomed hosts possible
under K5? I can make kadmind listen on all interfaces, krshd/krlogind
choose the right pricipal based on the interface being used, and
kdb5_edit extract several principals to the v5srvtab (one per
interface). I understand that you do not have any use for this
functionality but could it be added (#defined) to show others who want
to use it how it can be done?
Thank you for your time and attention,
Andrew Gross
grossa@sdsc.edu (*)
drew@drew.extern.ucsd.edu
=========================================================================
Comments:
( ) kadmin - "del princ" does not prompt for verify. This is not
terribly important, but would be nice. I know it's easy, but someone
familiar with the code could add it faster than I.
( ) memory deallocation - in krb5_free_principal (lib/krb5/free/f_princ.c)
we have:
if (val->data) {
while(--i >= 0)
free(krb5_princ_component(val, i)->data);
krb5_xfree(val->data);
}
and krb5_xfree is defined as (include/krb5/free.h):
#define krb5_xfree(val) free((char *)(val))
Now, if a principal is freed twice, then the second
krb5_free_principal does not know that the principal was freed before
because val->data is never set to NULL. Is this the proper behavior?
This causes problems in kadmind (adm_funcs.c:adm5_change) because
parts of the krb5_db_entry structure called entry are freed in
functions called by this function, and on some occasions entry.mod_name
will point to the same structure as newprinc. Since both of these are
freed without NULL-ing the pointers in the structure, this causes
segmentation faults especially on memory paranoid systems (say, a NeXT).
If I am missing something in this please let me know. It seems to
me that krb5_xfree should be redefined as:
#define krb5_xfree(val) free((char *)(val)); val=NULL
so that all of the pointers are NULL-ed after being freed.
=========================================================================
Patches: (comments are noted with %%%)
%%% This patch takes setenv.o out of the objects list as it is
%%% not needed on a NeXT.
diff -r -c src/appl/bsd/Imakefile src-ref/appl/bsd/Imakefile
*** src/appl/bsd/Imakefile Wed Jan 19 19:01:01 1994
--- src-ref/appl/bsd/Imakefile Fri Jan 14 12:27:30 1994
***************
*** 39,51 ****
LOCAL_LIBRARIES = $(KLIB)
#endif
- #ifndef NeXT
CLIENTSRCS= krcp.c krlogin.c krsh.c kcmd.c forward.c logutil.c setenv.c login.c
CLIENTOBJS= krcp.o krlogin.o krsh.o kcmd.o forward.c logutil.o setenv.o login.o
- #else
- CLIENTSRCS= krcp.c krlogin.c krsh.c kcmd.c forward.c logutil.c login.c
- CLIENTOBJS= krcp.o krlogin.o krsh.o kcmd.o forward.c logutil.o login.o
- #endif
#ifdef CrayArchitecture
SERVERSRCS= krshd.c
--- 39,46 ----
***************
*** 79,89 ****
NormalProgramTarget(krlogind,krlogind.o logutil.o kcmd.o forward.o,$(DEPLIBS),$(LOCAL_LIBRARIES),$(K4LIB))
Krb5InstallServerProgram(krlogind)
- #ifndef NeXT
NormalProgramTarget(login.krb5,login.o logutil.o setenv.o,$(DEPLIBS),$(LOCAL_LIBRARIES),)
- #else
- NormalProgramTarget(login.krb5,login.o logutil.o,$(DEPLIBS),$(LOCAL_LIBRARIES),)
- #endif
InstallProgram(login.krb5,$(SERVER_BINDIR))
#endif
--- 74,80 ----
%%% This patch fixes rcp-ing files in as root .
diff -r -c bsd/krcp.c bsd.x/krcp.c
*** bsd/krcp.c Fri Dec 24 14:45:08 1993
--- bsd.x/krcp.c Sat Jan 22 20:50:49 1994
***************
*** 442,448 ****
--- 442,450 ----
if (encryptflag)
send_auth();
}
+ (void) setreuid(0, userid);
sink(1, argv+argc-1);
+ (void) setreuid(userid, 0);
#else
rem = rcmd(&host, port, pwd->pw_name, suser,
buf, 0);
%%% This patch is needed to get several definitions out of stat.h
%%% on a NeXT.
diff -r -c src/lib/krb5/ccache/file/fcc_gennew.c src-ref/lib/krb5/ccache/file/fcc_gennew.c
*** src/lib/krb5/ccache/file/fcc_gennew.c Mon Jan 24 22:23:37 1994
--- src-ref/lib/krb5/ccache/file/fcc_gennew.c Thu Jan 13 15:09:50 1994
***************
*** 31,40 ****
#endif /* !lint && !SABER */
#include <errno.h>
- #ifdef NeXT
- #define _POSIX_SOURCE
- #endif
- #include <sys/stat.h>
#include <krb5/osconf.h>
#include "fcc.h"
--- 31,36 ----
%%% Need this to get varargs.h on a NeXT
diff -r -c src/util/ss/error.c src-ref/util/ss/error.c
*** src/util/ss/error.c Wed Jan 19 17:46:03 1994
--- src-ref/util/ss/error.c Thu Jun 3 05:31:00 1993
***************
*** 37,46 ****
#include <varargs.h>
#endif
#endif
-
- #ifdef NeXT
- #include <varargs.h>
- #endif
#undef ss_error
--- 37,42 ----
=========================================================================
%%% Next.cf for config directory. Based on the Mouse-X distribution
%%% by Douglas Scott (doug@foxtrot.ccmrc.ucsb.edu). I used it for
%%% Beta 2 under NeXTSTEP 3.0 and for Beta 3 under NS 3.2 .
#! /bin/sh
# This is a shell archive, meaning:
# 1. Remove everything above the #! /bin/sh line.
# 2. Save the resulting text in a file.
# 3. Execute the file with /bin/sh (not csh) to create the files:
# Next.cf
# This archive created: Mon Jan 24 22:29:58 1994
export PATH; PATH=/bin:$PATH
if test -f 'Next.cf'
then
echo shar: will not over-write existing file "'Next.cf'"
else
cat << \SHAR_EOF > 'Next.cf'
/* Douglas Scott -- U.C. Santa Barbara */
/* doug@foxtrot.ccmrc.ucsb.edu */
#define OSName NeXT Release 3.0
#define OSMajorVersion 3
#define OSMinorVersion 0
#define InstKmemFlags -m 2755 -g kmem
#define HasSaberC NO
#define HasNdbm YES
#define SetTtyGroup YES
#define HasBsearch YES /* changed by DAS -- is available on NeXT */
#define NeedConstPrototypes YES
#define NeedVarargsPrototypes YES
#define NeedFunctionPrototypes YES
#define NeedWidePrototypes NO
#define BuildServer YES
#define XnextServer YES
#ifdef BuildColorServer /* from site.def */
#define BuildPexExt YES
#else
#define BuildPexExt NO /* PEX does not work with 2-Bit server */
#endif
#define BuildXInputExt NO /* these dont seem to work on the NeXT */
#if HasGcc
#define CcCmd gcc -Wno-import /* dont use -fpcc-struct-return on NeXT */
#if defined(HasGcc2)
#define OptimizedCDebugFlags -O2
/* Leave Alone XXX */
#else
#define OptimizedCDebugFlags -O
#endif
#endif
#ifndef NeXT
#define NeXT /* Define needed for Imakefiles */
#endif
#define BuildExamples NO
#define StandardDefines -DX_NOT_POSIX -DX_NOT_STDC_ENV -DX_LOCALE
#define HasVoidSignalReturn YES /* NO when compiling with -bsd */
/* this next part added for makedepend under 3.0 -- DAS */
#if OSMajorVersion == 3
#ifndef DependFlags
#define DependFlags -I/usr/include/ansi -I/usr/include/bsd -I/usr/include/bsd/sys
#endif
#endif
#ifndef LnCmd
#define LnCmd ln -s
#endif
#ifndef InstallCmd
#define InstallCmd install -u /* unlink old */
#endif
#ifndef RanlibCmd
#define RanlibCmd ranlib -c -s
#endif
/* see below for ServerDefines */
#define PrimaryScreenResolution 95 /* for 17 inch screen -- DAS */
/* the defines that determine which server type to create are only needed in
the server code, not in the rest of the distribution -- DAS
use -DNEXT_21_INCH below for large monitors
use -DNEXT_2BIT for monochrome server
use -DNEXT_16BIT for color server
*/
#ifdef BuildColorServer
#define ServerExtraDefines -DNEXT_16BIT -DXDMCP -DSTATIC_COLOR
#else
#define ServerExtraDefines -DNEXT_2BIT -DXDMCP -DSTATIC_COLOR
#endif
#define ServerCDebugFlags -g -O2 /* debug server for now */
#define SystemV NO
#define HasVoidSignalReturn YES
#define HasPosixTermios NO
#define HasPosixFileLocks NO
#define HasPosixTypes YES
#define HasStringH YES
#define HasStdlibH YES
#define HasMemmove YES
#define HasInet YES
#define HasPutenv YES
#define HasBsearch YES
#define HasGCC NO
#define UseSysTimeH YES
#undef UseStdarg
#define IsPOSIX NO
#define Bitsize32 YES
#define HasVfprintf YES
#define HasStrerror YES
#define HasVsyslog YES
#define ArCmd ar cru
#define LintLibFlag -o
#define DesDefines -DBIG -DMUSTALIGN -DMSBFIRST
SHAR_EOF
fi # end of overwriting check
# End of shell archive
exit 0
