Skip Menu |
 

From: Ken Raeburn <raeburn@MIT.EDU>
To: krb5-bugs@MIT.EDU
Subject: test failures in password changing
Date: Mon, 12 Jan 2009 18:58:25 -0500
The current trunk code fails a couple of the dejagnu tests. Both have
to do with changing passwords; one directly, one via kinit when the
database entry is flagged to require a password change. The logged
error is that a network address was incorrect.

From a bit of experimentation and observation, it appears that the
problem comes up on machines with multiple non-loopback addresses
(e.g., IPv4 + IPv6), and not on machines with only one address.

Ken
Looking at the changes to network.c in adapting it for kadmind, I see the dispatch routine is
being passed the destination (local) address from the network.c code, but note that
recv_from_to does *not* always fill it in; it'll set *tolen to 0 if it can't get the address, and
there's no check for that failure.

So I expect it'll fail on systems where there's no IP_PKTINFO or IPV6_PKTINFO socket option (like
Mac OS X when using IPv4), and it'll pass on Linux (which has both). If I tweak recv_from_to to
pre-fill the buffer with the local IPv4 address, the test passes; if I pre-fill it with a different IPv4
address, some debugging code I added to rd_priv.c spits out that address as the non-matching
s_address field in the message coming back from kadmind.

See also #6205, a patch to use IP_RECVDSTADDR in kadmind...
From: raeburn@mit.edu
Subject: SVN Commit

If we have a local UDP socket without the PKTINFO option set, it's
bound to a local address, so use getsockname to extract the local
(destination) address.

https://github.com/krb5/krb5/commit/97af03eeb1b4ba7a982d066d8e3dbdc211892083
Commit By: raeburn
Revision: 21748
Changed Files:
U trunk/src/kadmin/server/network.c