Re: [HACKERS] KTH-KRB kerberos 4 patch

Applied.

> Hi
> I've been having also sorts of fun trying to get kerberos 4 authentification
> working with postgresql-6.4.2 and KTH-KRB Ebones (http://www.pdc.kth.se/kth-kr
> b) on a dec alpha running DU 4.0D using the native compiler. The following
> patch does the trick.
>
> The rationale behind this is as follows. The KTH-KRB code header files defines
> lots of lengths like INST_SZ,REALM_SZ and KRB_SENDAUTH_VLEN. It also has a
> habit of doing things like
>
> chararray[LENGTH] = '\0'
>
> to ensure null terminated strings. In my instance this just happens to blat
> the kerberos principal instance string leading to error like
>
> pg_krb4_recvauth: kerberos error: Can't decode authenticator (krb_rd_req)
>
> The application code that comes with KTH-KRB uses "KRB_SENDAUTH_VLEN + 1" and
> sometimes uses "INST_SZ + 1" so it seems safest to put that 1 char buffer in
> the appropriate place.
>
>
>
> *** postgresql-6.4.2/src/backend/libpq/auth.c.orig Wed Feb 24 12:14:55
> 1999
> --- postgresql-6.4.2/src/backend/libpq/auth.c Wed Feb 24 14:03:46 1999
> ***************
> *** 77,86 ****
> {
> long krbopts = 0; /* one-way authentication */
> KTEXT_ST clttkt;
> ! char instance[INST_SZ];
> AUTH_DAT auth_data;
> Key_schedule key_sched;
> ! char version[KRB_SENDAUTH_VLEN];
> int status;
>
> strcpy(instance, "*"); /* don't care, but arg gets expanded
> --- 77,86 ----
> {
> long krbopts = 0; /* one-way authentication */
> KTEXT_ST clttkt;
> ! char instance[INST_SZ + 1];
> AUTH_DAT auth_data;
> Key_schedule key_sched;
> ! char version[KRB_SENDAUTH_VLEN + 1];
> int status;
>
> strcpy(instance, "*"); /* don't care, but arg gets expanded
> *** postgresql-6.4.2/src/interfaces/libpq/fe-auth.c.orig Wed Feb 24
> 14:05:26 1999
> --- postgresql-6.4.2/src/interfaces/libpq/fe-auth.c Wed Feb 24 14:12:56
> 1999
> ***************
> *** 144,151 ****
> static char *
> pg_krb4_authname(char *PQerrormsg)
> {
> ! char instance[INST_SZ];
> ! char realm[REALM_SZ];
> int status;
> static char name[SNAME_SZ + 1] = "";
>
> --- 144,151 ----
> static char *
> pg_krb4_authname(char *PQerrormsg)
> {
> ! char instance[INST_SZ + 1];
> ! char realm[REALM_SZ + 1];
> int status;
> static char name[SNAME_SZ + 1] = "";
>
>
> --
>
> +-----------------+------------------------------------------+
> | _ ^ _ | Dr. Rodney McDuff |
> | |\ /|\ /| | Network Development, ITS |
> | \ | / | The University of Queensland |
> | \ | / | St. Lucia, Brisbane |
> | \|/ | Queensland, Australia. 4072. |
> |<-------+------->| TELEPHONE: +61 7 3365 8220 |
> | /|\ | FACSIMILE: +61 7 3365 4477 |
> | / | \ | EMAIL: mcduff(at)its(dot)uq(dot)edu(dot)au |
> | / | \ | |
> | |/ \|/ \| | Ex ignorantia ad sapientiam |
> | - v - | Ex luce ad tenebras |
> +-----------------+------------------------------------------+
>
>
>
>

--
Bruce Momjian | http://www.op.net/~candle
maillist(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026