Skip Menu |

Download (untitled) / with headers
text/plain 3.3KiB
From Thu Nov 14 03:09:36 1996
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU []) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id DAA07662 for <bugs@RT-11.MIT.EDU>; Thu, 14 Nov 1996 03:09:35 -0500
Received: from lehman.Lehman.COM by MIT.EDU with SMTP
id AA21374; Thu, 14 Nov 96 03:09:25 EST
Received: (from smap@localhost) by lehman.Lehman.COM (8.6.12/8.6.12) id DAA15322 for <>; Thu, 14 Nov 1996 03:09:21 -0500
Received: from by lehman via smap (V1.3)
id tmp015320; Thu Nov 14 03:09:16 1996
Received: from by (4.1/LB-0.6)
id AA03052; Thu, 14 Nov 96 03:09:15 EST
Received: (from probe@localhost) by (8.6.9/8.6.9) id DAA25306; Thu, 14 Nov 1996 03:09:14 -0500
Message-Id: <>
Date: Thu, 14 Nov 1996 03:09:14 -0500
From: "Richard Basch" <basch@MIT.EDU>
To: krb5-bugs@MIT.EDU
Subject: lib-krb5 improper parsing / server hang?

Show quoted text
>Number: 188
>Category: krb5-libs
>Synopsis: lib-krb5 improper parsing / server hang?
>Confidential: yes
>Severity: serious
>Priority: high
>Responsible: tytso
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Thu Nov 14 03:10:01 EST 1996
>Last-Modified: Thu Nov 14 21:22:36 EST 1996

Responsible-Changed-From-To: gnats-admin->tytso
Responsible-Changed-By: tytso
Responsible-Changed-When: Thu Nov 14 21:01:04 1996
Responsible-Changed-Why: I'll take this...

State-Changed-From-To: open-analyzed
State-Changed-By: tytso
State-Changed-When: Thu Nov 14 21:01:18 1996

From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: "Richard Basch" <basch@MIT.EDU>
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-libs/188: lib-krb5 improper parsing / server hang?
Date: Thu, 14 Nov 1996 21:05:15 -0500

What's going on is that in the KDC, it notes that principal is
non-existant ("basch/" is a principal with two components, the second
one being zero length), but the ASN.1 library is giving a failure
(missing required field) when the KDC tries generating the KRB_ERROR
packet. Thus the error packet never gets sent, and the client hangs
waiting for a response.

Turns out the problem is a bug in the ASN.1 library, where a zero-length
field is decoded into the C structure with the data field being null
when if the length is zero, but this setup isn't acceptable to the ASN.1

- Ted

State-Changed-From-To: analyzed-closed
State-Changed-By: tytso
State-Changed-When: Thu Nov 14 21:21:57 1996
State-Changed-Why: Fixed, changes checked in.

Show quoted text
kinit basch/
Password for basch/@Lehman.COM:
kinit: Cannot contact any KDC for requested realm while ...

I actually noticed this when I accidentally mistyped at the win32 client;
it hung (but I didn't wait long)

What it should do:
It should either parse basch/ as "basch" or as a non-existant principal,
but it either case, it should not pause and generate the error above.

Richard Basch URL:
Lehman Brothers, Inc. Email:,
101 Hudson St., 33rd Floor Fax: +1-201-524-5828
Jersey City, NJ 07302-3988 Voice: +1-201-524-5049