Quick Links

KTH-KRB kerberos 4 patch

From:	Rodney McDuff <ccmcduff(at)its(dot)uq(dot)edu(dot)au>
To:	pgsql-hackers(at)postgreSQL(dot)org
Cc:	mcduff(at)its(dot)uq(dot)edu(dot)au
Subject:	KTH-KRB kerberos 4 patch
Date:	1999-02-24 05:04:32
Message-ID:	199902240504.PAA22502@its.uq.edu.au
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Hi
I've been having also sorts of fun trying to get kerberos 4 authentification
working with postgresql-6.4.2 and KTH-KRB Ebones (http://www.pdc.kth.se/kth-kr
b) on a dec alpha running DU 4.0D using the native compiler. The following
patch does the trick.

The rationale behind this is as follows. The KTH-KRB code header files defines
lots of lengths like INST_SZ,REALM_SZ and KRB_SENDAUTH_VLEN. It also has a
habit of doing things like

chararray[LENGTH] = '\0'

to ensure null terminated strings. In my instance this just happens to blat
the kerberos principal instance string leading to error like

pg_krb4_recvauth: kerberos error: Can't decode authenticator (krb_rd_req)

The application code that comes with KTH-KRB uses "KRB_SENDAUTH_VLEN + 1" and
sometimes uses "INST_SZ + 1" so it seems safest to put that 1 char buffer in
the appropriate place.

*** postgresql-6.4.2/src/backend/libpq/auth.c.orig Wed Feb 24 12:14:55
1999
--- postgresql-6.4.2/src/backend/libpq/auth.c Wed Feb 24 14:03:46 1999
***************
*** 77,86 ****
{
long krbopts = 0; /* one-way authentication */
KTEXT_ST clttkt;
! char instance[INST_SZ];
AUTH_DAT auth_data;
Key_schedule key_sched;
! char version[KRB_SENDAUTH_VLEN];
int status;

strcpy(instance, "*"); /* don't care, but arg gets expanded
--- 77,86 ----
{
long krbopts = 0; /* one-way authentication */
KTEXT_ST clttkt;
! char instance[INST_SZ + 1];
AUTH_DAT auth_data;
Key_schedule key_sched;
! char version[KRB_SENDAUTH_VLEN + 1];
int status;

strcpy(instance, "*"); /* don't care, but arg gets expanded
*** postgresql-6.4.2/src/interfaces/libpq/fe-auth.c.orig Wed Feb 24
14:05:26 1999
--- postgresql-6.4.2/src/interfaces/libpq/fe-auth.c Wed Feb 24 14:12:56
1999
***************
*** 144,151 ****
static char *
pg_krb4_authname(char *PQerrormsg)
{
! char instance[INST_SZ];
! char realm[REALM_SZ];
int status;
static char name[SNAME_SZ + 1] = "";

--- 144,151 ----
static char *
pg_krb4_authname(char *PQerrormsg)
{
! char instance[INST_SZ + 1];
! char realm[REALM_SZ + 1];
int status;
static char name[SNAME_SZ + 1] = "";

+-----------------+------------------------------------------+
| _ ^ _ | Dr. Rodney McDuff |
| |\ /|\ /| | Network Development, ITS |
| \ | / | The University of Queensland |
| \ | / | St. Lucia, Brisbane |
| \|/ | Queensland, Australia. 4072. |
|<-------+------->| TELEPHONE: +61 7 3365 8220 |
| /|\ | FACSIMILE: +61 7 3365 4477 |
| / | \ | EMAIL: mcduff(at)its(dot)uq(dot)edu(dot)au |
| / | \ | |
| |/ \|/ \| | Ex ignorantia ad sapientiam |
| - v - | Ex luce ad tenebras |
+-----------------+------------------------------------------+

Responses

Re: [HACKERS] KTH-KRB kerberos 4 patch at 1999-02-25 06:53:17 from Tom Ivar Helbekkmo
Re: [HACKERS] KTH-KRB kerberos 4 patch at 1999-03-14 16:06:41 from Bruce Momjian

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	RHS Linux User	1999-02-24 08:18:36	Praise
Previous Message	Bruce Momjian	1999-02-24 04:46:18	IN list and OR processing