From tlyu@MIT.EDU Tue Apr 13 16:35:16 1999 Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id QAA09875 for ; Tue, 13 Apr 1999 16:35:15 -0400 Received: from SAINT-ELMOS-FIRE.MIT.EDU by MIT.EDU with SMTP id AA07427; Tue, 13 Apr 99 16:35:08 EDT Received: by saint-elmos-fire (8.8.8+Sun/4.7) id QAA03365; Tue, 13 Apr 1999 16:35:13 -0400 (EDT) Received: from PACIFIC-CARRIER-ANNEX.MIT.EDU by po9.MIT.EDU (5.61/4.7) id AA17666; Mon, 12 Apr 99 16:12:58 EDT Received: from fuseki.aa.ans.net by MIT.EDU with SMTP id AA19375; Mon, 12 Apr 99 16:13:50 EDT Received: from localhost by fuseki.aa.ans.net (8.9.3/8.9.3) with ESMTP id QAA28924 for ; Mon, 12 Apr 1999 16:12:51 -0400 (EDT) Message-Id: <199904122012.QAA28924@fuseki.aa.ans.net> Date: Mon, 12 Apr 1999 16:12:51 -0400 From: michael shiplett To: krb5-bugs@mit.edu (was krbcore@MIT.EDU) Subject: value of krb4_srvtab not observed >Number: 712 >Category: krb5-libs >Synopsis: kshd/klogind parse /etc/krb5.conf:libdefaults:krb4_srvtab incorrectly. >Confidential: no >Severity: serious >Priority: high >Responsible: tlyu >State: closed >Class: sw-bug >Submitter-Id: unknown >Arrival-Date: Tue Apr 13 16:36:02 EDT 1999 >Last-Modified: Mon May 24 18:26:15 EDT 1999 >Originator: michael shiplett >Organization: UUNET Ann Arbor >Release: krb5-1.0.6-beta2 >Environment: System: SunOS fuseki.aa.ans.net 5.5.1 Generic_103640-24 sun4u sparc SUNW,Ultra-1 Architecture: sun4 System: SunOS euro.aa.ans.net 5.6 Generic_105181-12 sun4u sparc SUNW,Ultra-60 Architecture: sun4 System: AIX aixinst.aa.ans.net 2 3 000021334100 >Description: klogind and kshd are unable to read /etc/krb5.conf to find the value of krb4_srvtab; hence, k4 compatibility is broken unless /etc/srvtab is (or points to) the location of the v4 srvtab. It appears the problem is in the changes to src/lib/krb4/g_cnffile.c. I do not know at this time whether the problem is in parsing all of krb5.conf or just the krb4_srvtab information. >How-To-Repeat: 1. Move the v4 srvtab to a non-default location, i.e., somewhere other than /etc/srvtab. 2. Make an entry to the libdefaults section of /etc/krb5.conf setting krb4_srvtab to the new location. 3. Attempt to rsh/rlogin in using v4 client---it will work under krb5-1.0.5 but fail under krb5-1.0.6-beta2. >Fix: kluge: ln -s /etc/srvtab correct: fix the offending code (I haven't found it yet). >Audit-Trail: Responsible-Changed-From-To: krb5-unassigned->tlyu Responsible-Changed-By: tlyu Responsible-Changed-When: Tue Apr 13 20:06:55 1999 Responsible-Changed-Why: refiled From: Tom Yu To: walrus@ans.net Cc: krb5-bugs@MIT.EDU Subject: Re: krb5-libs/712: kshd/klogind parse /etc/krb5.conf:libdefaults:krb4_srvtab incorrectly. Date: Tue, 13 Apr 1999 20:11:36 -0400 (EDT) What are the exact contents of your /etc/krb5.conf? There have been changes to the profile library that might be causing this problem. Can you trace through a call through krb5__get_srvtabname to see which of krb5_init_context() or profile_get_values() is failing if you happen to have debugging symbols compiled in? That would be immensely helpful. ---Tom From: michael shiplett To: Tom Yu Cc: krb5-bugs@MIT.EDU Subject: Re: krb5-libs/712: kshd/klogind parse /etc/krb5.conf:libdefaults:krb4_srvtab incorrectly. Date: Wed, 14 Apr 1999 14:09:14 -0400 "ty" == Tom Yu writes: ty> What are the exact contents of your /etc/krb5.conf? There have ty> been changes to the profile library that might be causing this ty> problem. Can you trace through a call through krb5__get_srvtabname ty> to see which of krb5_init_context() or profile_get_values() is ty> failing if you happen to have debugging symbols compiled in? That ty> would be immensely helpful. /etc/krb5.conf [libdefaults] krb4_srvtab = /etc/krb-srvtab krb4_realms = /usr/kerberos/lib/krb.realms krb4_config = /usr/kerberos/lib/krb.conf [login] krb4_get_tickets = 0 krb_convert = 0 krb_run_aklog = 0 profile_get_values() is the function which fails (providing the default of ``/etc/srvtab''). I tried various ordering combinations and eliminating all config lines except the top two to no avail. michael From: michael shiplett To: Tom Yu Cc: krb5-bugs@MIT.EDU Subject: Re: krb5-libs/712: kshd/klogind parse /etc/krb5.conf:libdefaults:krb4_srvtab incorrectly. Date: Wed, 14 Apr 1999 15:05:28 -0400 The if clause if (krb5__krb4_context && (retval = profile_get_values(krb5__krb4_context->profile, names, &full_name)) && retval == 0 && full_name && full_name[0]) { [...] } is contradictory---the assignment to retval can't be not 0 and 0. The following is cleaner and works. if (krb5__krb4_context && profile_get_values(krb5__krb4_context->profile, names, &full_name)) && full_name && full_name[0]) { } michael From: michael shiplett To: Tom Yu Cc: krb5-bugs@MIT.EDU Subject: Re: krb5-libs/712: kshd/klogind parse /etc/krb5.conf:libdefaults:krb4_srvtab incorrectly. Date: Thu, 15 Apr 1999 13:28:19 -0400 There was an error in my previous message regarding a fix for this bug. The clause from krb__get_srvtabname should be if (krb5__krb4_context && !profile_get_values(krb5__krb4_context->profile, names, &full_name) && full_name && full_name[0]) I had neglected to negate of the return value from profile_get_values() michael State-Changed-From-To: open-closed State-Changed-By: tlyu State-Changed-When: Mon May 24 18:26:00 1999 State-Changed-Why: Thanks; fixed in 1.0.6 >Unformatted: