From kenh@cmf.nrl.navy.mil Mon Feb 10 22:14:17 1997
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id WAA00385 for <bugs@RT-11.MIT.EDU>; Mon, 10 Feb 1997 22:14:16 -0500
Received: from [134.207.10.161] by MIT.EDU with SMTP
id AA13752; Mon, 10 Feb 97 22:14:15 EST
Received: from nexus.cmf.nrl.navy.mil (kenh@nexus.cmf.nrl.navy.mil [134.207.10.9]) by ginger.cmf.nrl.navy.mil (8.7.5/8.7.3) with ESMTP id WAA21386 for <krb5-bugs@mit.edu>; Mon, 10 Feb 1997 22:14:07 -0500 (EST)
Received: (kenh@localhost) by nexus.cmf.nrl.navy.mil (8.7.5/8.6.11) id WAA01699; Mon, 10 Feb 1997 22:14:14 -0500 (EST)
Message-Id: <199702110314.WAA01699@nexus.cmf.nrl.navy.mil>
Date: Mon, 10 Feb 1997 22:14:14 -0500 (EST)
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Reply-To: kenh@cmf.nrl.navy.mil
To: krb5-bugs@MIT.EDU
Subject: built-in V4 compat code should figure out realm from V5 config file
X-Send-Pr-Version: 3.99
System: SunOS nexus 4.1.4 2 sun4m
Architecture: sun4
A fair bit of the supplied V4 compat code knows how to talk to various parts
of V5 (they keytab is a good example).
However, the V4 compat code doesn't know about things like the V5 configuration
files, and cannot do things like determine the default realm. If the V4 code
is modified to optionally use the V5 config files for some of this information,
many V4 programs will can work essentially for free.
Try to use a V4 telnet client to talk to a V5 telnetd, and notice the problems
you get if your realm isn't ATHENA.MIT.EDU :-)
This makes the V4 code fall back on using V5 to determine the realm if
a krb.conf isn't present.
--- lib/krb4/g_krbrlm.c.orig Mon Feb 10 18:48:33 1997
+++ lib/krb4/g_krbrlm.c Mon Feb 10 19:05:05 1997
@@ -12,6 +12,7 @@
#include <stdio.h>
#include "krb.h"
#include <string.h>
+#include "k5-int.h"
/*
* krb_get_lrealm takes a pointer to a string, and a number, n. It fills
@@ -44,7 +45,23 @@
cnffile = krb__get_cnffile();
if (!cnffile) {
if (n == 1) {
- (void) strcpy(r, KRB_REALM);
+ krb5_context context;
+ krb5_error_code retcode;
+ char *realm = NULL;
+
+ retcode = krb5_init_context(&context);
+
+ if (retcode || krb5_get_default_realm(context, &realm)) {
+ (void) strcpy(r, KRB_REALM);
+ } else {
+ (void) strcpy(r, realm);
+ }
+
+ if (realm)
+ free(realm);
+
+ if (! retcode)
+ krb5_free_context(context);
return(KSUCCESS);
}
else
From: "Douglas E. Engert" <deengert@anl.gov>
To: kenh@cmf.nrl.navy.mil
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-libs/369: built-in V4 compat code should figure out realm from V5 config file
Date: Tue, 11 Feb 1997 19:39:59 -0600
Ken Hornstein wrote:
Just make sure that this is optional. We use the fact that the V4 code
will look
for the v4 type krb.conf file. It points at our AFS cell, anl.gov, while
the
v5 krb5.conf points at the dce.anl.gov DCE cell.
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
To: deengert@anl.gov
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-libs/369: built-in V4 compat code should figure out realm from V5 config file
Date: Wed, 12 Feb 1997 01:37:20 -0500
(Ouch ... Modzilla formatted text strikes again! :-) )
The patch I sent in will only use the V5 information if there is no krb.conf
file.
--Ken
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id WAA00385 for <bugs@RT-11.MIT.EDU>; Mon, 10 Feb 1997 22:14:16 -0500
Received: from [134.207.10.161] by MIT.EDU with SMTP
id AA13752; Mon, 10 Feb 97 22:14:15 EST
Received: from nexus.cmf.nrl.navy.mil (kenh@nexus.cmf.nrl.navy.mil [134.207.10.9]) by ginger.cmf.nrl.navy.mil (8.7.5/8.7.3) with ESMTP id WAA21386 for <krb5-bugs@mit.edu>; Mon, 10 Feb 1997 22:14:07 -0500 (EST)
Received: (kenh@localhost) by nexus.cmf.nrl.navy.mil (8.7.5/8.6.11) id WAA01699; Mon, 10 Feb 1997 22:14:14 -0500 (EST)
Message-Id: <199702110314.WAA01699@nexus.cmf.nrl.navy.mil>
Date: Mon, 10 Feb 1997 22:14:14 -0500 (EST)
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Reply-To: kenh@cmf.nrl.navy.mil
To: krb5-bugs@MIT.EDU
Subject: built-in V4 compat code should figure out realm from V5 config file
X-Send-Pr-Version: 3.99
Show quoted text
>Number: 369
>Category: krb5-libs
>Synopsis: The V4 compat code can't figure out the realm from V5 config files
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Mon Feb 10 22:15:01 EST 1997
>Last-Modified: Wed Feb 12 01:38:00 EST 1997
>Originator: Ken Hornstein
>Organization:
Naval Research Lab>Category: krb5-libs
>Synopsis: The V4 compat code can't figure out the realm from V5 config files
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: change-request
>Submitter-Id: unknown
>Arrival-Date: Mon Feb 10 22:15:01 EST 1997
>Last-Modified: Wed Feb 12 01:38:00 EST 1997
>Originator: Ken Hornstein
>Organization:
Show quoted text
>Release: 1.0
>Environment:
>Environment:
System: SunOS nexus 4.1.4 2 sun4m
Architecture: sun4
Show quoted text
>Description:
A fair bit of the supplied V4 compat code knows how to talk to various parts
of V5 (they keytab is a good example).
However, the V4 compat code doesn't know about things like the V5 configuration
files, and cannot do things like determine the default realm. If the V4 code
is modified to optionally use the V5 config files for some of this information,
many V4 programs will can work essentially for free.
Show quoted text
>How-To-Repeat:
Try to use a V4 telnet client to talk to a V5 telnetd, and notice the problems
you get if your realm isn't ATHENA.MIT.EDU :-)
Show quoted text
>Fix:
This makes the V4 code fall back on using V5 to determine the realm if
a krb.conf isn't present.
--- lib/krb4/g_krbrlm.c.orig Mon Feb 10 18:48:33 1997
+++ lib/krb4/g_krbrlm.c Mon Feb 10 19:05:05 1997
@@ -12,6 +12,7 @@
#include <stdio.h>
#include "krb.h"
#include <string.h>
+#include "k5-int.h"
/*
* krb_get_lrealm takes a pointer to a string, and a number, n. It fills
@@ -44,7 +45,23 @@
cnffile = krb__get_cnffile();
if (!cnffile) {
if (n == 1) {
- (void) strcpy(r, KRB_REALM);
+ krb5_context context;
+ krb5_error_code retcode;
+ char *realm = NULL;
+
+ retcode = krb5_init_context(&context);
+
+ if (retcode || krb5_get_default_realm(context, &realm)) {
+ (void) strcpy(r, KRB_REALM);
+ } else {
+ (void) strcpy(r, realm);
+ }
+
+ if (realm)
+ free(realm);
+
+ if (! retcode)
+ krb5_free_context(context);
return(KSUCCESS);
}
else
Show quoted text
>Audit-Trail:
From: "Douglas E. Engert" <deengert@anl.gov>
To: kenh@cmf.nrl.navy.mil
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-libs/369: built-in V4 compat code should figure out realm from V5 config file
Date: Tue, 11 Feb 1997 19:39:59 -0600
Ken Hornstein wrote:
Show quoted text
>
>
> >Number: 369
> >Category: krb5-libs
> >Synopsis: The V4 compat code can't figure out the realm from V5 config files
> >Confidential: no
> >Severity: non-critical
> >Priority: medium
> >Responsible: krb5-unassigned
> >State: open
> >Class: change-request
> >Submitter-Id: unknown
> >Arrival-Date: Mon Feb 10 22:15:01 EST 1997
> >Last-Modified:
> >Originator: Ken Hornstein
> >Organization:
> Naval Research Lab> >Category: krb5-libs
> >Synopsis: The V4 compat code can't figure out the realm from V5 config files
> >Confidential: no
> >Severity: non-critical
> >Priority: medium
> >Responsible: krb5-unassigned
> >State: open
> >Class: change-request
> >Submitter-Id: unknown
> >Arrival-Date: Mon Feb 10 22:15:01 EST 1997
> >Last-Modified:
> >Originator: Ken Hornstein
> >Organization:
>
> >Release: 1.0
> >Environment:
> > >Environment:
Just make sure that this is optional. We use the fact that the V4 code
will look
for the v4 type krb.conf file. It points at our AFS cell, anl.gov, while
the
v5 krb5.conf points at the dce.anl.gov DCE cell.
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
To: deengert@anl.gov
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-libs/369: built-in V4 compat code should figure out realm from V5 config file
Date: Wed, 12 Feb 1997 01:37:20 -0500
Show quoted text
>Just make sure that this is optional. We use the fact that the V4 code
>will look
>for the v4 type krb.conf file. It points at our AFS cell, anl.gov, while
>the
>v5 krb5.conf points at the dce.anl.gov DCE cell.
>will look
>for the v4 type krb.conf file. It points at our AFS cell, anl.gov, while
>the
>v5 krb5.conf points at the dce.anl.gov DCE cell.
(Ouch ... Modzilla formatted text strikes again! :-) )
The patch I sent in will only use the V5 information if there is no krb.conf
file.
--Ken
Show quoted text
>Unformatted: