From jgm@trailmix.portolacomm.com Sun Jan 5 18:30:21 1997
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id SAA19773 for <bugs@RT-11.MIT.EDU>; Sun, 5 Jan 1997 18:30:16 -0500
Received: from [205.178.2.176] by MIT.EDU with SMTP
id AA15616; Sun, 5 Jan 97 18:30:13 EST
Received: (from jgm@localhost) by trailmix.portolacomm.com (8.7.6/8.7.3) id PAA26852; Sun, 5 Jan 1997 15:31:16 -0800
Message-Id: <199701052331.PAA26852@trailmix.portolacomm.com>
Date: Sun, 5 Jan 1997 15:31:16 -0800
From: jgm@portolacomm.com
To: krb5-bugs@MIT.EDU
Subject: kdc dies when asked for service tickets with no v4 salts
X-Send-Pr-Version: 3.99
Architecture: i586
v4-salted keys, the server dies.
This bug was introduced by a patch I had submitted earlier.
Soon after supplying the patch, I had reported that the
patch was flawed and should not be applied. Nevertheless, my
patch got integrated in version 1.0.
The part about the server dying when there is no V4-compatible key
is new in 1.0, and should probably be investigated separately.
request for a ticket for that service.
First, either remove the patch I submitted earlier, or apply the
following patch. I have not investigated why the server dies.
*** kerberos_v4.c 1996/12/13 23:52:52 1.3
--- kerberos_v4.c 1997/01/05 23:04:38
***************
*** 403,408 ****
--- 403,414 ----
ENCTYPE_DES_CBC_CRC,
KRB5_KDB_SALTTYPE_AFS3,
-1,
+ &pkey) &&
+ krb5_dbe_find_enctype(kdc_context,
+ &entries,
+ ENCTYPE_DES_CBC_CRC,
+ -1,
+ -1,
&pkey))
{
lt = klog(L_KRB_PERR, "KDC V4: principal %s.%s isn't V4 compatible",
Responsible-Changed-From-To: krb5-unassigned->tlyu
Responsible-Changed-By: tlyu
Responsible-Changed-When: Fri May 30 17:11:45 1997
Responsible-Changed-Why:
State-Changed-From-To: open-analyzed
State-Changed-By: tlyu
State-Changed-When: Fri May 30 17:21:22 1997
State-Changed-Why:
weird...
From: Tom Yu <tlyu@MIT.EDU>
To: jgm@portolacomm.com
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-kdc/332: kdc dies when asked for service tickets with no v4 salts
Date: Fri, 30 May 1997 17:21:11 -0400
So... I'm dusting off this old bug report... and it seems that the
code fragment that your patch adds is already in kerberos_v4.c. When
did you submit your patch? kerberos_v4.c hasn't changed between beta7
and 1.0.
Does the kdc still coredump when processing a v4 request for a key
without v4 salt? I can't reproduce your problem, by the way, with the
current sources (which aren't substantially different from 1.0).
---Tom
State-Changed-From-To: analyzed-closed
State-Changed-By: tlyu
State-Changed-When: Mon Jan 26 23:44:16 1998
State-Changed-Why:
I'm closing this due to lack of response and failure to reproduce the
problem.
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id SAA19773 for <bugs@RT-11.MIT.EDU>; Sun, 5 Jan 1997 18:30:16 -0500
Received: from [205.178.2.176] by MIT.EDU with SMTP
id AA15616; Sun, 5 Jan 97 18:30:13 EST
Received: (from jgm@localhost) by trailmix.portolacomm.com (8.7.6/8.7.3) id PAA26852; Sun, 5 Jan 1997 15:31:16 -0800
Message-Id: <199701052331.PAA26852@trailmix.portolacomm.com>
Date: Sun, 5 Jan 1997 15:31:16 -0800
From: jgm@portolacomm.com
To: krb5-bugs@MIT.EDU
Subject: kdc dies when asked for service tickets with no v4 salts
X-Send-Pr-Version: 3.99
Show quoted text
>Number: 332
>Category: krb5-kdc
>Synopsis: kdc dies when asked for service tickets with no v4 salts
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: tlyu
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sun Jan 05 18:31:01 EST 1997
>Last-Modified: Mon Jan 26 23:44:37 EST 1998
>Originator: John Gardiner Myers
>Organization:
>Release: 1.0
>Environment:
System: Linux trailmix.portolacomm.com 2.0.18 #2 Wed Nov 13 17:07:58 PST 1996 i586>Category: krb5-kdc
>Synopsis: kdc dies when asked for service tickets with no v4 salts
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: tlyu
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sun Jan 05 18:31:01 EST 1997
>Last-Modified: Mon Jan 26 23:44:37 EST 1998
>Originator: John Gardiner Myers
>Organization:
>Release: 1.0
>Environment:
Architecture: i586
Show quoted text
>Description:
When asked for a v4 service ticket for a service that has nov4-salted keys, the server dies.
This bug was introduced by a patch I had submitted earlier.
Soon after supplying the patch, I had reported that the
patch was flawed and should not be applied. Nevertheless, my
patch got integrated in version 1.0.
The part about the server dying when there is no V4-compatible key
is new in 1.0, and should probably be investigated separately.
Show quoted text
>How-To-Repeat:
Create a service with a non-v4-compatible-key. Make a v4 applrequest for a ticket for that service.
Show quoted text
>Fix:
First, either remove the patch I submitted earlier, or apply the
following patch. I have not investigated why the server dies.
*** kerberos_v4.c 1996/12/13 23:52:52 1.3
--- kerberos_v4.c 1997/01/05 23:04:38
***************
*** 403,408 ****
--- 403,414 ----
ENCTYPE_DES_CBC_CRC,
KRB5_KDB_SALTTYPE_AFS3,
-1,
+ &pkey) &&
+ krb5_dbe_find_enctype(kdc_context,
+ &entries,
+ ENCTYPE_DES_CBC_CRC,
+ -1,
+ -1,
&pkey))
{
lt = klog(L_KRB_PERR, "KDC V4: principal %s.%s isn't V4 compatible",
Show quoted text
>Audit-Trail:
Responsible-Changed-From-To: krb5-unassigned->tlyu
Responsible-Changed-By: tlyu
Responsible-Changed-When: Fri May 30 17:11:45 1997
Responsible-Changed-Why:
State-Changed-From-To: open-analyzed
State-Changed-By: tlyu
State-Changed-When: Fri May 30 17:21:22 1997
State-Changed-Why:
weird...
From: Tom Yu <tlyu@MIT.EDU>
To: jgm@portolacomm.com
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-kdc/332: kdc dies when asked for service tickets with no v4 salts
Date: Fri, 30 May 1997 17:21:11 -0400
So... I'm dusting off this old bug report... and it seems that the
code fragment that your patch adds is already in kerberos_v4.c. When
did you submit your patch? kerberos_v4.c hasn't changed between beta7
and 1.0.
Does the kdc still coredump when processing a v4 request for a key
without v4 salt? I can't reproduce your problem, by the way, with the
current sources (which aren't substantially different from 1.0).
---Tom
State-Changed-From-To: analyzed-closed
State-Changed-By: tlyu
State-Changed-When: Mon Jan 26 23:44:16 1998
State-Changed-Why:
I'm closing this due to lack of response and failure to reproduce the
problem.
Show quoted text
>Unformatted: