Re: problems



Arkadiusz Miśkiewicz <misiek@misiek.eu.org> writes:
> Hello, again

Hi

> 1)
> this time I have problems with kdc server on Linux 2.2.10 (IPv6 configured), and
> egcs-1.1.2, glibc-2.1.1, nmap-2.02 ...
> 
> when I run port scanning using nmap then kdc exits with SIGSEGV (nmap myserver)

This is (partially) due to a bug in the handling of recvfrom in Linux,
but I think the following patch should work around that and make things more
robust.

Index: kdc/connect.c
===================================================================
RCS file: /afs/pdc.kth.se/src/packages/kth-krb/SourceRepository/heimdal/kdc/connect.c,v
retrieving revision 1.62
retrieving revision 1.64
diff -u -w -r1.62 -r1.64
--- connect.c	1999/06/23 13:12:39	1.62
+++ connect.c	1999/07/05 19:11:50	1.64
@@ -656,17 +656,20 @@
     }
     sa = (struct sockaddr *)sa_buf;
 
-    from_len = sa_size;
-    n = recvfrom(d[index].s, buf, sizeof(buf), 0, 
-		 sa, &from_len);
+    /*
+     * We can't trust recvfrom to return an address so we always call
+     * getpeername.
+     */
+
+    n = recvfrom(d[index].s, buf, sizeof(buf), 0, NULL, NULL);
     if(n < 0){
 	krb5_warn(context, errno, "recvfrom");
 	goto out;
     }
-    /* sometimes recvfrom doesn't return an address */
-    if(from_len == 0) {
 	from_len = sa_size;
-	getpeername(d[index].s, sa, &from_len);
+    if (getpeername(d[index].s, sa, &from_len) < 0) {
+	krb5_warn(context, errno, "getpeername");
+	goto out;
     }
     addr_to_string(sa, from_len, addr, sizeof(addr));
     if (grow_descr (&d[index], n))
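Review bot: Only n < 0 is tested after the new recvfrom(..., NULL, NULL) call, so a return of 0 (the peer closed the connection without sending anything) still falls through to getpeername and then to grow_descr(&d[index], n) with n == 0. Consider treating n == 0 as end of connection right after the recvfrom check. The new getpeername failure path also jumps to out after data has already been read into buf; the lines shown do not say what out does with the descriptor, so it is worth confirming that it is released there and the bytes are not silently left half-processed.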
@@ -676,6 +679,7 @@
     if(d[index].len > 4 && d[index].buf[0] == 0) {
 	ret = handle_vanilla_tcp (&d[index]);
     } else if(enable_http &&
+	      d[index].len >= 4 &&
 	      strncmp((char *)d[index].buf, "GET ", 4) == 0 && 
 	      strncmp((char *)d[index].buf + d[index].len - 4,
 		      "\r\n\r\n", 4) == 0) {

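Review bot: The added d[index].len >= 4 test in the enable_http branch carries no comment saying what it protects. Without it the second strncmp starts at d[index].buf + d[index].len - 4, which points before the buffer when fewer than 4 bytes have arrived; a one-line comment to that effect would keep the guard from being dropped in a later cleanup. The vanilla TCP branch above tests len > 4 while this one tests len >= 4; if the difference is intended, say so in the same comment.
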
> 2)
> Also:
> root@linstar /root#  /usr/heimdal/sbin/dump_log
> Segmentation fault

I'm not able to reproduce this bug.  What are the contents of your
/var/heimdal directory?  And can you run gdb on the core so that I can
see where it's failing?

> 3)
> what heimdal entries should I add to /etc/services?
> I know only about kx/tcp port 16136 and
> hprop/tcp port 754.

This is probably a good beginning:

#
# Kerberos
#
kerberos-sec	88/udp				# Kerberos secondary port UDP
kerberos-sec	88/tcp				# Kerberos secondary port TCP
kpasswd		464/udp				# password changing
kpasswd		464/tcp				# password changing
klogin		543/tcp				# Kerberos authenticated rlogin
kshell		544/tcp		krcmd		# and remote shell
ekshell		545/tcp		      # Kerberos encrypted remote shell -kfall
ekshell2	2106/tcp	      # What U of Colorado @ Boulder uses?
kerberos-adm	749/udp				# v5 kadmin
kerberos-adm	749/tcp				# v5 kadmin
kerberos-iv	750/udp		kerberos kdc	# Kerberos authentication--udp
kerberos-iv	750/tcp		kerberos kdc	# Kerberos authentication--tcp
kerberos_master 751/udp				# Kerberos authentication
kerberos_master 751/tcp				# Kerberos authentication
krb_prop	754/tcp				# Kerberos slave propagation
hprop		754/tcp				# Kerberos slave propagation
kpop		1109/tcp			# Pop with Kerberos
eklogin		2105/tcp			# Kerberos encrypted rlogin
rkinit		2108/tcp			# Kerberos remote kinit
kx		2111/tcp			# X over kerberos
kip		2112/tcp			# IP over kerberos
kauth		2120/tcp			# Remote kauth

> 4)
> misiek@linstar bin$ ./kinit misiek
> misiek@ZSZ2.STARACHOWICE.PL's Password:
> kinit: krb5_get_init_creds: Program lacks support for checksum type
> misiek@linstar bin$
> 
> kdc says only:
> 05-Jul-1999 18:04:06 AS-REQ misiek@ZSZ2.STARACHOWICE.PL from
> IPv4:195.164.211.33 for krbtgt/ZSZ2.STARACHOWICE.PL@ZSZ2.STARACHOWICE.PL
> 05-Jul-1999 18:04:06 Using des3-cbc-sha1/des3-cbc-sha1
> 05-Jul-1999 18:04:06 sending 767 bytes to IPv4:195.164.211.33
> 
> but I don't get a ticket:
> misiek@linstar bin$ ./klist
> klist: No ticket file: /tmp/krb5cc_500

Somehow the client doesn't handle des3-cbc-sha1.  Did you compile both
client and server with --enable-new-des3-code?  Can you do a `kadmin
-l get -l misiek' on your KDC?

/assar