Skip Menu |
 

From: tlyu@mit.edu
Subject: git commit

Log service princ in KDC more reliably

Under some error conditions, the KDC would log "<unknown server>" for
the service principal because service principal information is not yet
available to the logging functions. Set the appropriate variables
earlier.

do_as_req.c: After unparsing the client, immediately unparse the
server before searching for the client principal in the KDB.

do_tgs_req.c: Save a pointer to the client-requested service
principal, to make sure it gets logged if an error happens before
search_sprinc() successfully completes.

[tlyu@mit.edu: commit message; fix TGS to catch more error cases]

https://github.com/krb5/krb5/commit/aa6ac88b661019d50eab7aea4d12e5a291e46b40
Author: rbasch <probe@tardis.internal.bright-prospects.com>
Committer: Tom Yu <tlyu@mit.edu>
Commit: aa6ac88b661019d50eab7aea4d12e5a291e46b40
Branch: krb5-1.11
src/kdc/do_as_req.c | 13 +++++++++++++
src/kdc/do_tgs_req.c | 5 +++++
2 files changed, 18 insertions(+), 0 deletions(-)
From: tlyu@mit.edu
Subject: git commit

Fix possible null deref in previous

My rework of the do_tgs_req.c patch introduced a null deref if
decode_krb5_tgs_req() failed.

(cherry picked from commit 30589b2a1636de9f9b68591f0e546cb0fa21989f)

https://github.com/krb5/krb5/commit/8acb855e63260fa4d114563107fcc776b3446336
Author: Tom Yu <tlyu@mit.edu>
Commit: 8acb855e63260fa4d114563107fcc776b3446336
Branch: krb5-1.11
src/kdc/do_tgs_req.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)