[889] in Kerberos-V5-bugs


This looks like a bug. lib/krb5/keytab/file/ktf_get_enc.c

tytso@ATHENA.MIT.EDU (tytso@ATHENA.MIT.EDU)
Fri Oct 21 18:31:26 1994

To: Theodore Ts'o <tytso@MIT.EDU>
Subject: This looks like a bug.  lib/krb5/keytab/file/ktf_get_en.c
Date: Thu, 20 Oct 94 10:03:28 EDT
From: Dan Walsh <walsh@athena.tay.dec.com>



The way the following code is written, if (kvno == IGNORE_VNO) the code will always
return a not found, because in that case the loop exits only when the read returns
a non-zero kerror.  I suggest that we change     if (kerror) {
to     if ((kerror) && (! cur_entry.principal)).  What do you think?

/*
 * Scan the file keytab `id` for an entry whose principal matches
 * `principal` and hand it back through `*entry`.
 *
 * Returns 0 with *entry filled in on success, otherwise a krb5 error
 * code; a KRB5_KT_END from the reader is reported to the caller as
 * KRB5_KT_NOTFOUND.
 *
 * This is an excerpt quoted in a bug report: the declarations and the
 * code before the loop are elided ("..."), so the initial state of
 * cur_entry is not visible here.
 */
krb5_error_code
krb5_ktfile_get_entry(DECLARG(krb5_keytab, id),
		      DECLARG(krb5_principal, principal),
		      DECLARG(krb5_kvno, kvno),
		      DECLARG(krb5_keytab_entry *, entry))
OLDDECLARG(krb5_keytab, id)
OLDDECLARG(krb5_principal, principal)
OLDDECLARG(krb5_kvno, kvno)
OLDDECLARG(krb5_keytab_entry *, entry)
{
...
    while (TRUE) {
	/* Assignment is intentional: any non-zero result from the reader
	 * ends the scan and is left in kerror for the check below. */
	if (kerror = krb5_ktfileint_read_entry(id, &new_entry))
	    break;

	if (krb5_principal_compare(principal, new_entry.principal)) {
		if (kvno == IGNORE_VNO) {
			/* Keep the matching entry with the highest vno and keep
			 * scanning.  This branch never breaks, so an IGNORE_VNO
			 * lookup can leave the loop only through the reader
			 * failure above, i.e. always with kerror != 0. */
			/* NOTE(review): when new_entry.vno is not greater,
			 * new_entry is neither stored nor freed in the visible
			 * code -- looks like a leak; confirm. */
			if (cur_entry.vno < new_entry.vno) {
				krb5_kt_free_entry(&cur_entry);
				cur_entry = new_entry;
			}
		} else {
			/* Specific-kvno lookup: the first entry with a matching
			 * principal is accepted and the scan stops with
			 * kerror == 0. */
			/* NOTE(review): no comparison of new_entry.vno against
			 * kvno is visible in this excerpt; confirm that a key
			 * of a different version cannot be returned. */
			cur_entry = new_entry;
			break;
		}
	} else {
		/* Not the requested principal: release what the reader filled in. */
		krb5_kt_free_entry(&new_entry);
	}
    }
    /*
     * Taken whenever the loop ended on a reader error.  For IGNORE_VNO
     * that is every lookup, so the candidate held in cur_entry is freed
     * and KRB5_KT_NOTFOUND is returned even when a match was seen; this
     * is the defect the report describes.
     *
     * NOTE(review): the proposed test `(kerror) && (! cur_entry.principal)`
     * relies on cur_entry.principal being NULL until a match is stored
     * (set up in the elided code -- confirm).  It would also let a reader
     * error other than KRB5_KT_END fall through as success once a
     * candidate exists; accepting the candidate only when
     * kerror == KRB5_KT_END would be narrower.
     */
    if (kerror) {
	if (kerror == KRB5_KT_END)
	    kerror = KRB5_KT_NOTFOUND;
	/* Close result deliberately ignored: the earlier error is what is reported. */
	(void) krb5_ktfileint_close(id);
	krb5_kt_free_entry(&cur_entry);
	return kerror;
    }
    /* A failed close is reported as the error and the found entry is discarded. */
    if ((kerror = krb5_ktfileint_close(id)) != 0) {
	krb5_kt_free_entry(&cur_entry);
	return kerror;
    }
    /* Struct copy: *entry now refers to whatever cur_entry's members
     * point at; presumably the caller releases it with
     * krb5_kt_free_entry -- confirm against callers. */
    *entry = cur_entry;
    return 0;
}
