Skip Menu |
 

Download (untitled) / with headers
text/plain 3.5KiB
From ghudson@MIT.EDU Sat Jun 14 15:51:40 1997
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id PAA05108 for <bugs@RT-11.MIT.EDU>; Sat, 14 Jun 1997 15:51:39 -0400
Received: from THE-LIGHT-FANTASTIC.MIT.EDU by MIT.EDU with SMTP
id AA00198; Sat, 14 Jun 97 15:50:41 EDT
Received: (from ghudson@localhost) by the-light-fantastic.MIT.EDU (8.6.12/8.6.12) id PAA06926; Sat, 14 Jun 1997 15:51:37 -0400
Message-Id: <199706141951.PAA06926@the-light-fantastic.MIT.EDU>
Date: Sat, 14 Jun 1997 15:51:37 -0400
From: Greg Hudson <ghudson@MIT.EDU>
Reply-To: ghudson@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: login.c uses wrong criteria to set KRB_ENVIRON
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 438
>Category: krb5-appl
>Synopsis: login.c uses wrong criteria to set KRB_ENVIRON
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sat Jun 14 15:52:02 EDT 1997
>Last-Modified:
>Originator: Greg Hudson
>Organization:
MIT
Show quoted text
>Release: 1.0
>Environment:
Solaris 2.5.1 (Athena 8.1), but not really system-dependent

Show quoted text
>Description:
When deciding whether to set KRBTKFILE in the login environment,
src/appl/bsd/login.c checks for "login_krb4_get_tickets &&
tkfile[0]". This is wrong because (a) KRBTKFILE should be set
if login_krb4_convert is true, even if login_krb4_get_tickets is
false, and (b) tkfile[0] is pretty much always true; it's not a
good indicator of whether we got tickets above.

The simple fix is to test for tkfile[0]. However, another problem
remains. If login is called with the -p option (which is the
normal behavior), then KRBTKFILE will remain set from when it was
set in k_init(). To fix that, I think you need to remember the
old value of KRBTKFILE and reset it if tickets are not acquired

Show quoted text
>How-To-Repeat:
rlogin to a krb5 host which has login_krb4_get_tickets set,
don't acquire v4 tickets, and notice that KRBTKFILE is set.

Modify krlogind to invoke login without the -p option. rlogin
to a krb5 host with the modified krlogind and which has
login_krb4_convert true but not login_krb4_get_tickets. Forward
your v5 tickets. Notice that KRBTKFILE is not set.

rlogin to a krb5 host with the unmodified krlogind and which has
login_krb4_convert true but not login_krb4_get_tickets. Don't
forward your v5 tickets. Notice that KRBTKFILE is still set
even though it wasn't set up in the login environment (because
login_krb4_get_tickets is not true)

Show quoted text
>Fix:
Here is the fix for the simple problem. Please get back to me
when the more complicated problem is fixed, so that I can apply
exactly the same patch to the Athena krb5 sources as you guys
use.

Index: login.c
===================================================================
RCS file: /afs/dev.mit.edu/source/repository/third/krb5/src/appl/bsd/login.c,v
retrieving revision 1.4
diff -c -r1.4 login.c
*** login.c 1997/04/01 00:26:05 1.4
--- login.c 1997/06/14 18:49:55
***************
*** 1852,1858 ****
(void)setenv("TERM", term, 0);
#ifdef KRB4_GET_TICKETS
/* tkfile[0] is only set if we got tickets above */
! if (login_krb4_get_tickets && tkfile[0])
(void) setenv(KRB_ENVIRON, tkfile, 1);
#endif /* KRB4_GET_TICKETS */
#ifdef KRB5_GET_TICKETS
--- 1852,1858 ----
(void)setenv("TERM", term, 0);
#ifdef KRB4_GET_TICKETS
/* tkfile[0] is only set if we got tickets above */
! if (got_v4_tickets)
(void) setenv(KRB_ENVIRON, tkfile, 1);
#endif /* KRB4_GET_TICKETS */
#ifdef KRB5_GET_TICKETS
Show quoted text
>Audit-Trail:
>Unformatted: