[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

heimdal 0.6.4 KDC v4 support broken?

To: heimdal-discuss@sics.se
Subject: heimdal 0.6.4 KDC v4 support broken?
From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
Date: Fri, 27 May 2005 13:50:35 -0400
Sender: owner-heimdal-discuss@sics.se

Found in kdc/kerberos4.c near line 390 (and this time it's not a local
hack...):

	snprintf (client_name, sizeof(client_name),
		  "%s.%s@%s",
		  ad.pname, ad.pinst, ad.prealm);
	ret = db_fetch4(ad.pname, ad.pinst, ad.prealm, &client);
	if(ret != HDB_ERR_NOENTRY || 
	   (ret == HDB_ERR_NOENTRY && strcmp(ad.prealm, v4_realm) == 0)) {
	    char *s;
	    s = kdc_log_msg(0, "Client not found in database: (krb4) "
			    "%s.%s@%s: %s",
			    ad.pname, ad.pinst, ad.prealm,
			    krb5_get_err_text(context, ret));
	    make_err_reply(reply, KERB_ERR_PRINCIPAL_UNKNOWN, s);
	    free(s);
	    goto out2;
	}

This seems a bit wrong; it loses with "Client not found in database:
(krb4) ... : Error 0" for valid clients.  (And the second condition
seems even more wrong.)

I note that 0.6.3 had similar code with a simpler condition... wrapped
in "#if 0".

-- 
brandon s. allbery   [linux,solaris,freebsd,perl]      allbery@kf8nh.com
system administrator      [WAY too many hats]        allbery@ece.cmu.edu
electrical and computer engineering, carnegie mellon univ.         KF8NH

Follow-Ups:
- Re: heimdal 0.6.4 KDC v4 support broken?
  - From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
- Re: heimdal 0.6.4 KDC v4 support broken?
  - From: Academician Kula <kula@tproa.net>

Prev by Date: Re: A few questions about implementing a KDC for OpenAFS
Next by Date: Re: A few questions about implementing a KDC for OpenAFS
Prev by thread: Re: A few questions about implementing a KDC for OpenAFS
Next by thread: Re: heimdal 0.6.4 KDC v4 support broken?
Index(es):
- Date
- Thread