[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: smbk5pwd crash for missing symbol

Howard Chu a écrit :
> Guillaume Rousse wrote:
>> Love Hörnquist Åstrand a écrit :
>>> 27 maj 2008 kl. 02.18 skrev Guillaume Rousse:
>>>> I tried this approach (patch attached).
>>>> Converting _kadm5_free_keys to hdb_free_keys is trivial, as the former
>>>> is just a wrapper over the second.
>>>> However, converting _kadm5_set_keys to hdb_generate_key_set_password
>>>> is much more difficult. I first tried to inline all code from
>>>> _kadm5_set_keys in smbk5pwd.c. However, gcc complains about "request
>>>> for member ‘context’ in something not a structure or union" because it
>>>> doesn't have any clue about the nature of kadm_context, which is a
>>>> void ponter for smbk5pwd. Trying to cast it as a kadm5_server_context
>>>> pointer fails, as this seems also to be a private heimdal structure...
>>>> Given my lack of C knowledge, I'm a bit stuck there.
>>> You can use the krb5_contex that is global in the module, just change
>>> the code to use context instead of kadm5_context.
>> Slightly better but I still can't access its members:
>> smbk5pwd.c:416: error: dereferencing pointer to incomplete type
> The kadm5_context.db field is already available as "db" in this module, 
> there is no need to dereference anything else to get it.
> Looking at your patch, exactly duplicating all of _kadm5_set_keys' 
> behavior is the wrong approach. The hdb entry being operated on will not 
> get written back to any DB using the hdb APIs, so 
> hdb_entry_set_pw_change_time()/hdb_entry_set_password() will not 
> accomplish anything. If you want to support those features you have to 
> create appropriate Modify subops for them to attach to the Modification 
> that's being assembled. That also means retrieving the appropriate 
> AttributeDescriptions corresponding to whatever LDAP attribute Heimdal 
> normally uses to store those fields. Note that Heimdal's hdb-ldap.c 
> doesn't actually touch any of the HDB_extension fields in the HDB entry, 
> so hdb_entry_set_password() is futile anyway.
Well, I'm not wanting to support any fancy feature, I'm just trying to 
make the plugin work as expected, by restoring previous behaviour.

>> According to my understanding, kadm_context type is a pointer to an
>> internally-defined krb5_context_data structure.
>> Inlining private function is not straightforward, especially for dumb C
>> programmers :)
> It takes more than a basic understanding of C syntax to write code. You 
> have to also take the time to understand the overall purpose of the code 
> you're working with.
Sure. Next time I'll just complain loudly and wait for the solution 
instead of trying to adress it myself.
Guillaume Rousse
Moyens Informatiques - INRIA Futurs
Tel: 01 69 35 69 62