Date:      Wed, 6 Sep 1995 12:22:03 -0400 (EDT)
From:      John Capo <jc@irbs.com>
To:        freebsd-current@freefall.FreeBSD.org (freebsd-current)
Subject:   Kerberos patch (Gnats is broken)
Message-ID:  <199509061622.MAA08467@irbs.irbs.com>


>Submitter-Id:   current-users
>Originator:     John Capo
>Organization:   IRBS Engineering
>Confidential:   no
>Synopsis:       Kerberos cores if RCMD is first request (patch included)
>Severity:       critical
>Priority:       high
>Category:       bin
>Release:        FreeBSD 2.2-CURRENT i386
>Class:          sw-bug
>Environment: 

	

>Description: 

Several file-scope static variables are initialized only when a ticket
request is processed.  If a different request arrives first, they are
still uninitialized when kerb_err_reply() passes them to cr_err_reply().

>How-To-Repeat: 

Start kerberos and rcp to a non-realm system when an old ticket
exists that was not granted by this instance of kerberos.

I know, in a perfect world there are no old tickets, but...

>Fix: 

None of this should be static but since the great eBones re-org
is underway I left them alone.  I did delete unused statics.

*** eBones/kerberos/kerberos.c.orig	Wed Sep  6 11:16:36 1995
--- eBones/kerberos/kerberos.c	Wed Sep  6 12:07:57 1995
***************
*** 67,73 ****
  static char *req_name_ptr;
  static char *req_inst_ptr;
  static char *req_realm_ptr;
- static u_char req_no_req;
  static u_long req_time_ws;
  
  int req_act_vno = KRB_PROT_VERSION; /* Temporary for version skew */
--- 67,72 ----
***************
*** 83,90 ****
  static long n_auth_req;
  static long n_appl_req;
  static long n_packets;
- static long n_user;
- static long n_server;
  
  static long max_age = -1;
  static long pause_int = -1;
--- 82,87 ----
***************
*** 355,360 ****
--- 352,368 ----
  
      req_act_vno = req_version;
  
+     /* set up and correct for byte order and alignment */
+     req_name_ptr = (char *) pkt_a_name(pkt);
+     req_inst_ptr = (char *) pkt_a_inst(pkt);
+     req_realm_ptr = (char *) pkt_a_realm(pkt);
+ 
+     bcopy(pkt_time_ws(pkt), &req_time_ws, sizeof(req_time_ws));
+     /* time has to be diddled */
+     if (swap_bytes) {
+ 	swap_u_long(req_time_ws);
+     }
+ 
      /* check packet version */
      if (req_version != KRB_PROT_VERSION) {
  	lt = klog(L_KRB_PERR,
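Review bot: The added block derives `req_name_ptr`, `req_inst_ptr`, `req_realm_ptr` and `req_time_ws` from `pkt` ahead of the version check, so it now runs on every received packet, including ones the code below rejects. Nothing visible in the hunk confirms that the packet is long enough or that its name, instance and realm strings are terminated inside the received data; if the `pkt_a_*` accessors locate fields by scanning those strings (likely, but not shown here), a short or malformed packet would leave the pointers and the `bcopy` source outside the buffer, and kerb_err_reply() would then pass them on. I would bound-check the packet before this block and, at minimum, record the assumption with `/* pkt is not validated yet: the req_* values are only meaningful if the packet carries name, instance, realm and a 4-byte timestamp */`. The enclosing function starts and ends outside the hunk, so an earlier length check may already exist.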
***************
*** 387,402 ****
  	    tk->length = 0;
  	    k_flags = 0;	/* various kerberos flags */
  
- 
- 	    /* set up and correct for byte order and alignment */
- 	    req_name_ptr = (char *) pkt_a_name(pkt);
- 	    req_inst_ptr = (char *) pkt_a_inst(pkt);
- 	    req_realm_ptr = (char *) pkt_a_realm(pkt);
- 	    bcopy(pkt_time_ws(pkt), &req_time_ws, sizeof(req_time_ws));
- 	    /* time has to be diddled */
- 	    if (swap_bytes) {
- 		swap_u_long(req_time_ws);
- 	    }
  	    ptr = (char *) pkt_time_ws(pkt) + 4;
  
  	    req_life = (u_long) (*ptr++);
--- 395,400 ----

John Capo
IRBS Engineering



