From b17783@atalanta.ctd.anl.gov Tue May 29 17:17:27 2001 Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id RAA22323 for ; Tue, 29 May 2001 17:17:27 -0400 (EDT) Received: from atalanta.ctd.anl.gov (atalanta.ctd.anl.gov [146.137.64.60]) by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id RAA05448 for ; Tue, 29 May 2001 17:17:27 -0400 (EDT) Received: from orleans.ctd.anl.gov (localhost [127.0.0.1]) by atalanta.ctd.anl.gov (8.9.1a/8.9.1) with ESMTP id QAA14033 for ; Tue, 29 May 2001 16:17:26 -0500 (CDT) Received: (from b17783@localhost) by orleans.ctd.anl.gov (8.9.3+Sun/8.9.1) id QAA07267; Tue, 29 May 2001 16:17:26 -0500 (CDT) Message-Id: <200105292117.QAA07267@orleans.ctd.anl.gov> Date: Tue, 29 May 2001 16:17:26 -0500 (CDT) From: Douglas Engert Reply-To: b17783@achilles.ctd.anl.gov To: krb5-bugs@mit.edu Subject: appl/gssftp/ftp fails when using 3des keys X-Send-Pr-Version: 3.99 >Number: 960 >Category: krb5-libs >Synopsis: ftp and ftpd fail with PROT buffer < PBSZ by 4 bytes >Confidential: no >Severity: serious >Priority: medium >Responsible: krb5-unassigned >State: open >Class: sw-bug >Submitter-Id: unknown >Arrival-Date: Tue May 29 17:18:01 EDT 2001 >Last-Modified: >Originator: Douglas Engert >Organization: Douglas E. Engert DEEngert@anl.gov Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 >Release: krb5-1.2.2 >Environment: ALL System: SunOS orleans.ctd.anl.gov 5.7 Generic_106541-14 sun4u sparc SUNW,Ultra-5_10 Architecture: sun4 >Description: The FUDGE_FACTOR in the appl/gssftp/ftp/secure.c is not large enough when using 3des keys. >How-To-Repeat: Try the ftp -x when using enctype=16 for a service ticket. >Fix: increase the secure.c FUDGE_FACTOR from 64 to 68 You must rebuilt ftp and ftpd (The line numbers below may be a little off, as I have some Win32 mods in here as well.) *** ,secure.c Wed Feb 28 16:06:45 2001 --- secure.c Tue May 29 13:12:52 2001 *************** *** 73,79 **** #ifdef GSSAPI #undef FUDGE_FACTOR ! #define FUDGE_FACTOR 64 /*It appears to add 52 byts, but I'm not usre it is a constant--hartmans*/ #endif /*GSSAPI*/ #ifndef FUDGE_FACTOR /* In case no auth types define it. */ --- 75,82 ---- #ifdef GSSAPI #undef FUDGE_FACTOR ! #define FUDGE_FACTOR 68 /*It appears to add 52 byts, but I'm not usre it is a constant--hartmans*/ ! /* Increased from 64 to 68. With 3des PBSZ was 4 bytes to small */ #endif /*GSSAPI*/ #ifndef FUDGE_FACTOR /* In case no auth types define it. */ >Audit-Trail: >Unformatted: