[12992] in Athena Bugs
Re: kerb oddity...
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Tue Dec 6 17:27:59 1994
Date: Tue, 6 Dec 1994 17:27:39 -0500
From: "Theodore Ts'o" <tytso@MIT.EDU>
To: brlewis@MIT.EDU
Cc: mbarker@MIT.EDU, probe@MIT.EDU, mbarker@MIT.EDU, miki@MIT.EDU,
bugs@MIT.EDU
In-Reply-To: <9412061946.AA17438@joy.MIT.EDU> (brlewis@MIT.EDU)
There are a couple of bugs going on here. The obvious fix is to make
phost be static.
There's something more subtle going on here, though. Under Solaris, the
default resolver does not return the fully qualified domain name in
h->h_name, like the Berkeley resolver does, instead it places in
h->h_name whatever argument was passed into gethostbyname. We reported
this bug in Solaris 2.1; SunSoft promised it would be fixed for 2.3, and
it's apparently finally fixed in 2.4.
What this bug means is that if you pass in a host alias to a Kerberos
client program, the wrong server principal is generated. In order to
fix this, we link our clients with our own special resolver, which has
the correct behavior for gethostbyname --- i.e, h->h_name points to a
statically allocated character array which contains the fully qualified,
canonical domain name.
If this special resolver is used, then the current SOLARIS #ifdef in
krb_get_phost works fine. However, if the stock Solaris resolver is
used, then krb_get_phost will lose, as you all have noticed. Putting in
the static keyword will prevent the obvious failure mode. However, your
program will still lose in subtle ways unless you use the correct
resolver.
- Ted
