Package: libpam-heimdal
Version: 1.2.0-2
Severity: important
Tags: patch
In /usr/include/krb5.h the funtion krb5_prompter_fct is defined with the
arguments
krb5_context, void *, const char *, const char *, int, krb5_prompt[]
but in compat_heimdal.c it has only
krb5_context, void *, const char *, int, krb5_prompt[]
which leads to some strange results as some (long) passwords not being
accepted.
When I tried to debug the problem I changed the line 105 in support.c that
read retval = krb5_get_init_creds_password(..., pass, pam_prompter, ...) to
retval = krb5_get_init_creds_password(..., NULL, pam_prompter, ...)
since I first thought the bug was heimdals handling of the password variable.
That way the prompt function would be used even to aquire the password.
There I also found out that the memcopy would not copy the resulting \0 byte
of the password string over and this would fail password verification although
the correct length if the password is passed as a response.
So my solution of copying the \0 byte is probably not the correct solution and I
may have missed updating the reply->length field since I was not sure whether
this refered to the stringlength including the \0 byte or not.
Regards,
Daniel Willmann
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14.2-rzprt5
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages libpam-heimdal depends on:
ii libc6 2.3.6-13 GNU C Library: Shared libraries
ii libkrb5-17-heimdal 0.7.2.dfsg.1-2 Libraries for Heimdal Kerberos
ii libpam0g 0.79-3.1 Pluggable Authentication Modules l
libpam-heimdal recommends no packages.
-- no debconf information
diff -Naur libpam-heimdal-1.2.0.orig/compat_heimdal.c libpam-heimdal-1.2.0/compat_heimdal.c
--- libpam-heimdal-1.2.0.orig/compat_heimdal.c 2005-09-28 01:33:51.000000000 +0200
+++ libpam-heimdal-1.2.0/compat_heimdal.c 2006-06-12 14:53:45.000000000 +0200
@@ -29,8 +29,8 @@
static krb5_error_code
-heimdal_pam_prompter(krb5_context context, void *data, const char *banner, int
- num_prompts, krb5_prompt prompts[])
+heimdal_pam_prompter(krb5_context context, void *data, const char *banner, const
+ char *name, int num_prompts, krb5_prompt prompts[])
{
int pam_prompts = num_prompts;
int pamret, i;
@@ -91,11 +91,11 @@
goto cleanup;
}
len = strlen(resp[pam_prompts].resp); /* Help out the compiler */
- if (len > prompts[i].reply->length) {
+ if (len+1 > prompts[i].reply->length) {
pamret = PAM_AUTH_ERR;
goto cleanup;
}
- memcpy(prompts[i].reply->data, resp[pam_prompts].resp, len);
+ memcpy(prompts[i].reply->data, resp[pam_prompts].resp, len+1);
prompts[i].reply->length = len;
}
