Skip Menu |
 

Date: Wed, 05 May 2010 14:17:40 -0400
From: Jeff Blaine <jblaine@kickflop.net>
To: krb5-bugs@mit.edu
Subject: preauth mech duality causes havoc
Based on 1.8 source, defining the same ID for 2 preauth mechs
causes kinit to segfault (and probably other things!)

"(2:00:59 PM) ghudson: I can't tell from that description whether that's
a bug in our code or one you introduced. It sounds like it might be a
bug in our code."

So here's the more detailed description.

# grep -h 'define KRB5_PADATA' plugins/preauth/myplugin/myplugin_main.c
plugins/preauth/cksum_body/cksum_body_main.c
#define KRB5_PADATA_MYPLUGIN 130
#define KRB5_PADATA_CKSUM_BODY_REQ 130

# alias kdc
alias kdc='pkill krb5kdc; sleep 1; /usr/mykrb/sbin/krb5kdc -r
MYREALM.OUR.ORG; ps -ef | grep krb5kdc | grep -v grep'
# kdc
root 19763 1 0 14:09 ? 00:00:00 /usr/mykrb/sbin/krb5kdc
-r MYREALM.OUR.ORG
#

Show quoted text
> kinit jblaine@MYREALM.OUR.ORG
Segmentation fault
Show quoted text
>