Date: | Wed, 05 May 2010 14:17:40 -0400 |
From: | Jeff Blaine <jblaine@kickflop.net> |
To: | krb5-bugs@mit.edu |
Subject: | preauth mech duality causes havoc |
Based on 1.8 source, defining the same ID for 2 preauth mechs
causes kinit to segfault (and probably other things!)
"(2:00:59 PM) ghudson: I can't tell from that description whether that's
a bug in our code or one you introduced. It sounds like it might be a
bug in our code."
So here's the more detailed description.
# grep -h 'define KRB5_PADATA' plugins/preauth/myplugin/myplugin_main.c
plugins/preauth/cksum_body/cksum_body_main.c
#define KRB5_PADATA_MYPLUGIN 130
#define KRB5_PADATA_CKSUM_BODY_REQ 130
# alias kdc
alias kdc='pkill krb5kdc; sleep 1; /usr/mykrb/sbin/krb5kdc -r
MYREALM.OUR.ORG; ps -ef | grep krb5kdc | grep -v grep'
# kdc
root 19763 1 0 14:09 ? 00:00:00 /usr/mykrb/sbin/krb5kdc
-r MYREALM.OUR.ORG
#
causes kinit to segfault (and probably other things!)
"(2:00:59 PM) ghudson: I can't tell from that description whether that's
a bug in our code or one you introduced. It sounds like it might be a
bug in our code."
So here's the more detailed description.
# grep -h 'define KRB5_PADATA' plugins/preauth/myplugin/myplugin_main.c
plugins/preauth/cksum_body/cksum_body_main.c
#define KRB5_PADATA_MYPLUGIN 130
#define KRB5_PADATA_CKSUM_BODY_REQ 130
# alias kdc
alias kdc='pkill krb5kdc; sleep 1; /usr/mykrb/sbin/krb5kdc -r
MYREALM.OUR.ORG; ps -ef | grep krb5kdc | grep -v grep'
# kdc
root 19763 1 0 14:09 ? 00:00:00 /usr/mykrb/sbin/krb5kdc
-r MYREALM.OUR.ORG
#
Show quoted text
> kinit jblaine@MYREALM.OUR.ORG
Segmentation faultShow quoted text
>