From kenh@cmf.nrl.navy.mil Mon Feb 10 22:14:17 1997 Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id WAA00385 for ; Mon, 10 Feb 1997 22:14:16 -0500 Received: from [134.207.10.161] by MIT.EDU with SMTP id AA13752; Mon, 10 Feb 97 22:14:15 EST Received: from nexus.cmf.nrl.navy.mil (kenh@nexus.cmf.nrl.navy.mil [134.207.10.9]) by ginger.cmf.nrl.navy.mil (8.7.5/8.7.3) with ESMTP id WAA21386 for ; Mon, 10 Feb 1997 22:14:07 -0500 (EST) Received: (kenh@localhost) by nexus.cmf.nrl.navy.mil (8.7.5/8.6.11) id WAA01699; Mon, 10 Feb 1997 22:14:14 -0500 (EST) Message-Id: <199702110314.WAA01699@nexus.cmf.nrl.navy.mil> Date: Mon, 10 Feb 1997 22:14:14 -0500 (EST) From: Ken Hornstein Reply-To: kenh@cmf.nrl.navy.mil To: krb5-bugs@MIT.EDU Subject: built-in V4 compat code should figure out realm from V5 config file X-Send-Pr-Version: 3.99 >Number: 369 >Category: krb5-libs >Synopsis: The V4 compat code can't figure out the realm from V5 config files >Confidential: no >Severity: non-critical >Priority: medium >Responsible: krb5-unassigned >State: open >Class: change-request >Submitter-Id: unknown >Arrival-Date: Mon Feb 10 22:15:01 EST 1997 >Last-Modified: Wed Feb 12 01:38:00 EST 1997 >Originator: Ken Hornstein >Organization: Naval Research Lab >Release: 1.0 >Environment: System: SunOS nexus 4.1.4 2 sun4m Architecture: sun4 >Description: A fair bit of the supplied V4 compat code knows how to talk to various parts of V5 (they keytab is a good example). However, the V4 compat code doesn't know about things like the V5 configuration files, and cannot do things like determine the default realm. If the V4 code is modified to optionally use the V5 config files for some of this information, many V4 programs will can work essentially for free. >How-To-Repeat: Try to use a V4 telnet client to talk to a V5 telnetd, and notice the problems you get if your realm isn't ATHENA.MIT.EDU :-) >Fix: This makes the V4 code fall back on using V5 to determine the realm if a krb.conf isn't present. --- lib/krb4/g_krbrlm.c.orig Mon Feb 10 18:48:33 1997 +++ lib/krb4/g_krbrlm.c Mon Feb 10 19:05:05 1997 @@ -12,6 +12,7 @@ #include #include "krb.h" #include +#include "k5-int.h" /* * krb_get_lrealm takes a pointer to a string, and a number, n. It fills @@ -44,7 +45,23 @@ cnffile = krb__get_cnffile(); if (!cnffile) { if (n == 1) { - (void) strcpy(r, KRB_REALM); + krb5_context context; + krb5_error_code retcode; + char *realm = NULL; + + retcode = krb5_init_context(&context); + + if (retcode || krb5_get_default_realm(context, &realm)) { + (void) strcpy(r, KRB_REALM); + } else { + (void) strcpy(r, realm); + } + + if (realm) + free(realm); + + if (! retcode) + krb5_free_context(context); return(KSUCCESS); } else >Audit-Trail: From: "Douglas E. Engert" To: kenh@cmf.nrl.navy.mil Cc: krb5-bugs@MIT.EDU Subject: Re: krb5-libs/369: built-in V4 compat code should figure out realm from V5 config file Date: Tue, 11 Feb 1997 19:39:59 -0600 Ken Hornstein wrote: > > >Number: 369 > >Category: krb5-libs > >Synopsis: The V4 compat code can't figure out the realm from V5 config files > >Confidential: no > >Severity: non-critical > >Priority: medium > >Responsible: krb5-unassigned > >State: open > >Class: change-request > >Submitter-Id: unknown > >Arrival-Date: Mon Feb 10 22:15:01 EST 1997 > >Last-Modified: > >Originator: Ken Hornstein > >Organization: > Naval Research Lab > > >Release: 1.0 > >Environment: > Just make sure that this is optional. We use the fact that the V4 code will look for the v4 type krb.conf file. It points at our AFS cell, anl.gov, while the v5 krb5.conf points at the dce.anl.gov DCE cell. -- Douglas E. Engert Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 From: Ken Hornstein To: deengert@anl.gov Cc: krb5-bugs@MIT.EDU Subject: Re: krb5-libs/369: built-in V4 compat code should figure out realm from V5 config file Date: Wed, 12 Feb 1997 01:37:20 -0500 >Just make sure that this is optional. We use the fact that the V4 code >will look >for the v4 type krb.conf file. It points at our AFS cell, anl.gov, while >the >v5 krb5.conf points at the dce.anl.gov DCE cell. (Ouch ... Modzilla formatted text strikes again! :-) ) The patch I sent in will only use the V5 information if there is no krb.conf file. --Ken >Unformatted: