Author: baggins                      Date: Fri Mar 30 13:22:19 2007 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- bugfixes from Fedora

---- Files affected:
SOURCES:
   krb5-api.patch (NONE -> 1.1)  (NEW), krb5-brokenrev.patch (NONE -> 1.1)  
(NEW), krb5-dns.patch (NONE -> 1.1)  (NEW), krb5-enospc.patch (NONE -> 1.1)  
(NEW), krb5-fclose.patch (NONE -> 1.1)  (NEW), krb5-fix-sendto_kdc-memset.patch 
(NONE -> 1.1)  (NEW), krb5-gssinit.patch (NONE -> 1.1)  (NEW), krb5-io.patch 
(NONE -> 1.1)  (NEW), krb5-kprop-mktemp.patch (NONE -> 1.1)  (NEW), 
krb5-login-lpass.patch (NONE -> 1.1)  (NEW), krb5-null.patch (NONE -> 1.1)  
(NEW), krb5-rcp-markus.patch (NONE -> 1.1)  (NEW), krb5-rcp-sendlarge.patch 
(NONE -> 1.1)  (NEW), krb5-reject-bad-transited.patch (NONE -> 1.1)  (NEW), 
krb5-send-pr-tempfile.patch (NONE -> 1.1)  (NEW), krb5-telnet-environ.patch 
(NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/krb5-api.patch
diff -u /dev/null SOURCES/krb5-api.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-api.patch      Fri Mar 30 15:22:14 2007
@@ -0,0 +1,30 @@
+Reference docs don't define what happens if you call krb5_realm_compare() with
+malformed krb5_principal structures.  Define a behavior which keeps it from
+crashing if applications don't check ahead of time.
+
+--- krb5-1.4.1/src/lib/krb5/krb/princ_comp.c   2002-09-02 21:13:46.000000000 
-0400
++++ krb5-1.4.1/src/lib/krb5/krb/princ_comp.c   2005-06-29 13:56:55.000000000 
-0400
+@@ -33,6 +33,13 @@
+ krb5_boolean KRB5_CALLCONV
+ krb5_realm_compare(krb5_context context, krb5_const_principal princ1, 
krb5_const_principal princ2)
+ {
++    if ((princ1 == NULL) || (princ2 == NULL))
++      return FALSE;
++
++    if ((krb5_princ_realm(context, princ1) == NULL) ||
++        (krb5_princ_realm(context, princ2) == NULL))
++      return FALSE;
++
+     if (krb5_princ_realm(context, princ1)->length != 
+       krb5_princ_realm(context, princ2)->length ||
+       memcmp (krb5_princ_realm(context, princ1)->data, 
+@@ -49,6 +56,9 @@
+     register int i;
+     krb5_int32 nelem;
+ 
++    if ((princ1 == NULL) || (princ2 == NULL))
++      return FALSE;
++
+     nelem = krb5_princ_size(context, princ1);
+     if (nelem != krb5_princ_size(context, princ2))
+       return FALSE;
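Review bot: The second guard added to krb5_realm_compare() probably cannot fire: in the krb5.h of this era krb5_princ_realm(context, princ) expands to `&(princ)->realm`, the address of an embedded member, which is never NULL once princ itself is non-NULL (worth confirming against this tree's header). The malformed case that still reaches memcmp() is a realm whose `data` pointer is NULL while `length` is non-zero, so the check would do more as `if (krb5_princ_realm(context, princ1)->data == NULL || krb5_princ_realm(context, princ2)->data == NULL) return FALSE;`. The function patched by the second inner hunk starts and ends outside the visible lines, so whether its component comparison needs the same treatment cannot be judged from here.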

================================================================
Index: SOURCES/krb5-brokenrev.patch
diff -u /dev/null SOURCES/krb5-brokenrev.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-brokenrev.patch        Fri Mar 30 15:22:14 2007
@@ -0,0 +1,19 @@
+The version of "rev" in util-linux doesn't work as this script expects it to.
+
+--- krb5-1.5/src/plugins/kdb/db2/libdb2/test/run.test  Wed Jun  7 22:46:39 2000
++++ krb5-1.5/src/plugins/kdb/db2/libdb2/test/run.test  Wed Jun  7 22:46:34 2000
+@@ -541,12 +541,8 @@
+ # the btree split code gets hammered.
+ test12()
+ {
+-      if ( rev < /dev/null ) > /dev/null 2>&1 ; then
+-              :
+-      else
+-              echo "Test 12: skipped, rev not found"
+-              return
+-      fi
++      echo "Test 12: skipped, rev not found"
++      return
+       if test $dictsize -lt 20001 ; then
+               echo "Test 12: skipped, dictionary too small"
+               return

================================================================
Index: SOURCES/krb5-dns.patch
diff -u /dev/null SOURCES/krb5-dns.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-dns.patch      Fri Mar 30 15:22:14 2007
@@ -0,0 +1,11 @@
+We want to be able to use --with-netlib and --enable-dns at the same time.
+--- krb5-1.3.1/src/aclocal.m4  2003-11-24 11:17:30.000000000 -0500
++++ krb5-1.3.1/src/aclocal.m4  2003-11-24 11:18:45.000000000 -0500
+@@ -647,6 +647,7 @@
+       LIBS="$LIBS $withval"
+       AC_MSG_RESULT("netlib will use \'$withval\'")
+   fi
++  KRB5_AC_ENABLE_DNS
+ ],dnl
+ [AC_LIBRARY_NET]
+ )])dnl

================================================================
Index: SOURCES/krb5-enospc.patch
diff -u /dev/null SOURCES/krb5-enospc.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-enospc.patch   Fri Mar 30 15:22:14 2007
@@ -0,0 +1,30 @@
+If the error message is going to be ambiguous, try to give the user some clue
+by returning the last error reported by the OS.
+
+--- krb5-1.4.3/src/clients/kinit/kinit.c       2006-02-06 13:50:06.000000000 
-0500
++++ krb5-1.4.3/src/clients/kinit/kinit.c       2006-02-06 13:49:41.000000000 
-0500
+@@ -34,6 +34,7 @@
+ #else
+ #undef HAVE_KRB524
+ #endif
++#include <errno.h>
+ #include <string.h>
+ #include <stdio.h>
+ #include <time.h>
+@@ -846,8 +847,14 @@
+ 
+     code = krb5_cc_initialize(k5->ctx, k5->cc, k5->me);
+     if (code) {
+-      com_err(progname, code, "when initializing cache %s",
+-              opts->k5_cache_name?opts->k5_cache_name:"");
++      if ((code == KRB5_CC_IO) && (errno != 0)) {
++          com_err(progname, code, "when initializing cache %s: %s",
++                  opts->k5_cache_name?opts->k5_cache_name:"",
++                  strerror(errno));
++      } else {
++          com_err(progname, code, "when initializing cache %s",
++                  opts->k5_cache_name?opts->k5_cache_name:"");
++      }
+       goto cleanup;
+     }
+ 
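Review bot: `errno` is read in the new `code == KRB5_CC_IO` branch without having been cleared before krb5_cc_initialize(), so a stale value left by any earlier call can be printed as the cause of this failure. Nothing visible guarantees that the ccache code preserves errno on its way out either. Placing `errno = 0;` immediately before the `krb5_cc_initialize` call and copying errno into a local right after it returns would keep the appended strerror() text tied to this call. A wrong cause in a credential-cache error sends the operator after permissions when the problem is disk space, or the reverse.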

================================================================
Index: SOURCES/krb5-fclose.patch
diff -u /dev/null SOURCES/krb5-fclose.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-fclose.patch   Fri Mar 30 15:22:14 2007
@@ -0,0 +1,40 @@
+Ensure that we don't accidentally attempt to use or fclose() a file which we
+have already fclose()d.
+
+--- krb5-1.5/src/lib/krb5/keytab/kt_file.c     2006-06-13 10:14:27.000000000 
-0400
++++ krb5-1.5/src/lib/krb5/keytab/kt_file.c     2006-07-05 14:55:11.000000000 
-0400
+@@ -1083,29 +1083,32 @@
+     if (writevno) {
+       kt_vno = htons(krb5_kt_default_vno);
+       KTVERSION(id) = krb5_kt_default_vno;
+       if (!xfwrite(&kt_vno, sizeof(kt_vno), 1, KTFILEP(id))) {
+-          kerror = errno;
++          kerror = errno ? errno : EIO;
+           (void) krb5_unlock_file(context, fileno(KTFILEP(id)));
+           (void) fclose(KTFILEP(id));
++          KTFILEP(id) = 0;
+           return kerror;
+       }
+     } else {
+       /* gotta verify it instead... */
+       if (!xfread(&kt_vno, sizeof(kt_vno), 1, KTFILEP(id))) {
+           if (feof(KTFILEP(id)))
+               kerror = KRB5_KEYTAB_BADVNO;
+           else
+-              kerror = errno;
++              kerror = errno ? errno : EIO;
+           (void) krb5_unlock_file(context, fileno(KTFILEP(id)));
+           (void) fclose(KTFILEP(id));
++          KTFILEP(id) = 0;
+           return kerror;
+       }
+       kt_vno = KTVERSION(id) = ntohs(kt_vno);
+       if ((kt_vno != KRB5_KT_VNO) &&
+           (kt_vno != KRB5_KT_VNO_1)) {
+           (void) krb5_unlock_file(context, fileno(KTFILEP(id)));
+           (void) fclose(KTFILEP(id));
++          KTFILEP(id) = 0;
+           return KRB5_KEYTAB_BADVNO;
+       }
+     }
+     return 0;
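Review bot: KTFILEP(id) is passed to fclose(), feof() and fileno(), so it is a FILE pointer and the three new resets read better as `KTFILEP(id) = NULL;` than `= 0`. A short comment on the first of them, for example `/* clear the handle so a later close or use of id cannot touch the freed FILE */`, would record why the assignment exists. The unlock, fclose and reset sequence is now repeated in three branches, which makes it easy for a future error path to omit the reset. The enclosing function begins above the hunk, so any earlier fclose() calls in it are not visible here and should be checked for the same reset.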

================================================================
Index: SOURCES/krb5-fix-sendto_kdc-memset.patch
diff -u /dev/null SOURCES/krb5-fix-sendto_kdc-memset.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-fix-sendto_kdc-memset.patch    Fri Mar 30 15:22:14 2007
@@ -0,0 +1,22 @@
+Michael Calmer's fix for a crash bug, RT #5394.
+
+--- src/lib/krb5/os/sendto_kdc.c
++++ src/lib/krb5/os/sendto_kdc.c       2007/01/17 14:17:10
+@@ -1100,7 +1100,7 @@
+                 struct sockaddr *remoteaddr, socklen_t *remoteaddrlen,
+               int *addr_used)
+ {
+-    int i, pass;
++    int i = 0, pass;
+     int delay_this_pass = 2;
+     krb5_error_code retval;
+     struct conn_state *conns;
+@@ -1135,7 +1135,7 @@
+           return ENOMEM;
+       }
+ 
+-      memset(conns, 0, n_conns * sizeof(callback_data[i]));
++      memset(callback_data, 0, n_conns * sizeof(callback_data[i]));
+     }
+ 
+     for (i = 0; i < n_conns; i++) {
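Review bot: The `int i = 0` initializer in the first inner hunk is needed only because the memset size is spelled `sizeof(callback_data[i])`; sizeof does not evaluate its operand, so i is never actually read there and the initializer just quiets a warning. Writing the call as `memset(callback_data, 0, n_conns * sizeof(*callback_data));` removes the dependency on i and ties the size to the pointer being cleared, which is the pairing that was wrong before this fix. The allocation of callback_data is above the visible lines; if it is a plain malloc of the same product, `calloc(n_conns, sizeof(*callback_data))` would do the zeroing and the multiplication overflow check in one step.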

================================================================
Index: SOURCES/krb5-gssinit.patch
diff -u /dev/null SOURCES/krb5-gssinit.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-gssinit.patch  Fri Mar 30 15:22:14 2007
@@ -0,0 +1,19 @@
+Don't crash in gss_release_oid() when the application is doing nothing
+more than importing a name and freeing it (gss_release_name() calls
+gss_release_oid(), but gss_import_name() doesn't initialize the library,
+so gss_release_oid() hits an assertion failure when it tries to lock the
+mechanism list).
+
+Upstream RT #4088/4096.
+
+--- krb5-1.5/src/lib/gssapi/mechglue/g_initialize.c    2006-08-07 
13:10:19.000000000 -0400
++++ krb5-1.5/src/lib/gssapi/mechglue/g_initialize.c    2006-08-07 
13:10:13.000000000 -0400
+@@ -91,6 +91,8 @@
+ 
+       if (minor_status == NULL)
+               return (GSS_S_CALL_INACCESSIBLE_WRITE);
++      if (gssint_initialize_library())
++              return GSS_S_FAILURE;
+ 
+       *minor_status = 0;
+ 
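Review bot: The new early return leaves `*minor_status` unwritten, because the `*minor_status = 0;` assignment only happens after the added check. A caller that inspects the minor status after GSS_S_FAILURE would then read an uninitialized value. Storing the result of the initializer avoids that: `*minor_status = gssint_initialize_library();` followed by `if (*minor_status != 0) return GSS_S_FAILURE;`. The function continues beyond the hunk on both sides.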

================================================================
Index: SOURCES/krb5-io.patch
diff -u /dev/null SOURCES/krb5-io.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-io.patch       Fri Mar 30 15:22:14 2007
@@ -0,0 +1,251 @@
+We can get stuck if a write is going to block because both ends are writing and
+neither end is reading.  This is a port of a patch which aims to solve that
+problem, but for now it's incomplete because we don't handle partial writes.  A
+proper non-blocking implementation would require a bit more work.
+
+diff -ur krb5-1.5/src/appl/bsd/defines.h krb5-1.5/src/appl/bsd/defines.h
+--- krb5-1.5/src/appl/bsd/defines.h    2003-01-01 05:13:20.000000000 -0500
++++ krb5-1.5/src/appl/bsd/defines.h    2006-07-21 15:11:44.000000000 -0400
+@@ -34,6 +34,7 @@
+                enum kcmd_proto *protonum /* input and output */
+                );
+ 
++extern int rcmd_stream_has_unsent_data (void);
+ extern int rcmd_stream_read (int fd, char *buf, size_t len, int secondary);
+ extern int rcmd_stream_write (int fd, char *buf, size_t len, int secondary);
+ extern int getport (int * /* portnum */, int * /* addrfamily */);
+diff -ur krb5-1.5/src/appl/bsd/kcmd.c krb5-1.5/src/appl/bsd/kcmd.c
+--- krb5-1.5/src/appl/bsd/kcmd.c       2004-10-01 18:08:14.000000000 -0400
++++ krb5-1.5/src/appl/bsd/kcmd.c       2006-07-21 15:11:44.000000000 -0400
+@@ -839,6 +839,11 @@
+     output = twrite;
+ }
+ 
++int rcmd_stream_has_unsent_data (void)
++{
++    return (nstored > 0);
++}
++
+ void rcmd_stream_init_krb5(in_keyblock, encrypt_flag, lencheck, am_client,
+                          protonum)
+      krb5_keyblock *in_keyblock;
+@@ -1019,7 +1024,8 @@
+       cc = krb5_net_read(bsd_context, fd, &c, 1);
+       /* we should check for non-blocking here, but we'd have
+          to make it save partial reads as well. */
+-      if (cc <= 0) return cc; /* read error */
++      if (cc == 0) return nreturned; /* EOF */
++      if (cc < 0) return cc; /* read error */
+       if (cc == 1) {
+           if (c == 0 || !do_lencheck) break;
+       }
+diff -ur krb5-1.5/src/appl/bsd/krsh.c krb5-1.5/src/appl/bsd/krsh.c
+--- krb5-1.5/src/appl/bsd/krsh.c       2006-07-21 16:05:57.000000000 -0400
++++ krb5-1.5/src/appl/bsd/krsh.c       2006-07-21 15:19:05.000000000 -0400
+@@ -128,10 +128,11 @@
+      char **argv0;
+ {
+     int rem, pid = 0;
+-    char *host=0, *cp, **ap, buf[RCMD_BUFSIZ], *args, **argv = argv0, *user = 
0;
++    char *host=0, *cp, **ap, buf[PIPE_BUF], *args, **argv = argv0, *user = 0;
+     register int cc;
+     struct passwd *pwd;
+     fd_set readfrom, ready;
++    fd_set writeto, ready_wr;
+     int one = 1;
+     struct servent *sp;
+     struct servent defaultservent;
+@@ -548,9 +549,14 @@
+     FD_ZERO(&readfrom);
+     FD_SET(rfd2, &readfrom);
+     FD_SET(rem, &readfrom);
++    FD_ZERO(&writeto);
+     do {
++      int max_fd;
++      max_fd = (rfd2 > rem) ? rfd2 : rem;
++      max_fd = (max_fd > 2) ? max_fd : 2;
+       ready = readfrom;
+-      if (select(((rfd2 > rem) ? rfd2 : rem) + 1, &ready, 0, 0, 0) < 0) {
++      ready_wr = writeto;
++      if (select(max_fd + 1, &ready, &ready_wr, 0, 0) < 0) {
+           if (errno != EINTR) {
+               perror("select");
+               exit(1);
+@@ -558,22 +564,38 @@
+           continue;
+       }
+       if (FD_ISSET(rfd2, &ready)) {
+-          errno = 0;
+-          cc = rcmd_stream_read(rfd2, buf, sizeof buf, 1);
+-          if (cc <= 0) {
+-              if ((errno != EWOULDBLOCK) && (errno != EAGAIN))
+-                  FD_CLR(rfd2, &readfrom);
+-          } else
+-            (void) write(2, buf, (unsigned) cc);
++            FD_SET(2, &writeto);
++      }
++      if (FD_ISSET(2, &ready_wr)) {
++          do {
++              errno = 0;
++              cc = rcmd_stream_read(rfd2, buf, sizeof buf, 1);
++              if (cc <= 0) {
++                  if ((errno != EWOULDBLOCK) && (errno != EAGAIN)) {
++                      FD_CLR(rfd2, &readfrom);
++                      break;
++                  }
++              } else
++                (void) write(2, buf, (unsigned) cc);
++          } while (rcmd_stream_has_unsent_data());
++          FD_CLR(2, &writeto);
+       }
+       if (FD_ISSET(rem, &ready)) {
+-          errno = 0;
+-          cc = rcmd_stream_read(rem, buf, sizeof buf, 0);
+-          if (cc <= 0) {
+-              if ((errno != EWOULDBLOCK) && (errno != EAGAIN))
+-                  FD_CLR(rem, &readfrom);
+-          } else
+-            (void) write(1, buf, (unsigned) cc);
++          FD_SET(1, &writeto);
++      }
++      if (FD_ISSET(1, &ready_wr)) {
++          do {
++              errno = 0;
++              cc = rcmd_stream_read(rem, buf, sizeof buf, 0);
++              if (cc <= 0) {
++                  if ((errno != EWOULDBLOCK) && (errno != EAGAIN)) {
++                      FD_CLR(rem, &readfrom);
++                      break;
++                  }
++              } else
++                (void) write(1, buf, (unsigned) cc);
++          } while (rcmd_stream_has_unsent_data());
++          FD_CLR(1, &writeto);
+       }
+     } while (FD_ISSET(rem, &readfrom) || FD_ISSET(rfd2, &readfrom));
+     if (nflag == 0)
+diff -ur krb5-1.5/src/appl/bsd/krshd.c krb5-1.5/src/appl/bsd/krshd.c
+--- krb5-1.5/src/appl/bsd/krshd.c      2006-06-20 00:06:52.000000000 -0400
++++ krb5-1.5/src/appl/bsd/krshd.c      2006-07-21 16:02:12.000000000 -0400
+@@ -633,7 +633,8 @@
+     short port;
+     int pv[2], pw[2], px[2], cc;
+     fd_set ready, readfrom;
+-    char buf[RCMD_BUFSIZ], sig;
++    fd_set ready_wr, writeto;
++    char buf[PIPE_BUF], sig;
+     struct sockaddr_storage localaddr;
+ #ifdef POSIX_SIGNALS
+     struct sigaction sa;
+@@ -1261,6 +1262,10 @@
+           if (pw[0] > maxfd)
+               maxfd = pw[0];
+           
++          if (px[1] > maxfd)
++              maxfd = px[1];
++          FD_ZERO(&writeto);
++
+           /* read from f, write to px[1] -- child stdin */
+           /* read from s, signal child */
+           /* read from pv[0], write to s -- child stderr */
+@@ -1268,36 +1273,47 @@
+ 
+           do {
+               ready = readfrom;
+-              if (select(maxfd + 1, &ready, (fd_set *)0,
++              ready_wr = writeto;
++              if (select(maxfd + 1, &ready, &ready_wr,
+                          (fd_set *)0, (struct timeval *)0) < 0) {
+                   if (errno == EINTR) {
+                       continue;
+                   } else {
+                       break;
+-              }
++                  }
+               }
+ 
+               if (port&&FD_ISSET(pv[0], &ready)) {
++                  FD_SET(s, &writeto);
++                  FD_CLR(pv[0], &readfrom);
++              }
++              if (port&&FD_ISSET(s, &ready_wr)) {
+                   /* read from the child stderr, write to the net */
+                   errno = 0;
+                   cc = read(pv[0], buf, sizeof (buf));
+-                  if (cc <= 0) {
++                  if ((cc <= 0) ||
++                      (rcmd_stream_write(s, buf, (unsigned) cc, 1) != cc)) {
+                       shutdown(s, 1+1);
+-                      FD_CLR(pv[0], &readfrom);
+                   } else {
+-                      (void) rcmd_stream_write(s, buf, (unsigned) cc, 1);
++                      FD_SET(pv[0], &readfrom);
+                   }
++                  FD_CLR(s, &writeto);
+               }
+               if (FD_ISSET(pw[0], &ready)) {
++                  FD_SET(f, &writeto);
++                  FD_CLR(pw[0], &readfrom);
++              }
++              if (FD_ISSET(f, &ready_wr)) {
+                   /* read from the child stdout, write to the net */
+                   errno = 0;
+                   cc = read(pw[0], buf, sizeof (buf));
+-                  if (cc <= 0) {
++                  if ((cc <= 0) ||
++                      (rcmd_stream_write(f, buf, (unsigned) cc, 0) != cc)) {
+                       shutdown(f, 1+1);
+-                      FD_CLR(pw[0], &readfrom);
+                   } else {
+-                      (void) rcmd_stream_write(f, buf, (unsigned) cc, 0);
++                      FD_SET(pw[0], &readfrom);
+                   }
++                  FD_CLR(f, &writeto);
+               }
+               if (port&&FD_ISSET(s, &ready)) {
+                   /* read from the alternate channel, signal the child */
+@@ -1315,12 +1331,15 @@
+                   }
+               }
+               if (FD_ISSET(f, &ready)) {
++                  FD_SET(px[1], &writeto);
++                  FD_CLR(f, &readfrom);
++              }
++              if (FD_ISSET(px[1], &ready_wr)) {
+                   /* read from the net, write to child stdin */
+                   errno = 0;
+                   cc = rcmd_stream_read(f, buf, sizeof(buf), 0);
+                   if (cc <= 0) {
+                       (void) close(px[1]);
+-                      FD_CLR(f, &readfrom);
+                   } else {
+                       int wcc;
+                       wcc = write(px[1], buf, (unsigned) cc);
+@@ -1328,17 +1347,22 @@
+                         /* pipe closed, don't read any more */
+                         /* might check for EPIPE */
+                         (void) close(px[1]);
+-                        FD_CLR(f, &readfrom);
+-                      } else if (wcc != cc) {
+-                        syslog(LOG_INFO, "only wrote %d/%d to child", 
+-                               wcc, cc);
++                      } else {
++                          if (wcc != cc)
++                              syslog(LOG_INFO, "only wrote %d/%d to child", 
++                                     wcc, cc);
++                          FD_SET(f, &readfrom);
+                       }
+                   }
++                  FD_CLR(px[1], &writeto);
+               }
+           } while ((port&&FD_ISSET(s, &readfrom)) ||
+                    FD_ISSET(f, &readfrom) ||
+                    (port&&FD_ISSET(pv[0], &readfrom) )||
+-                   FD_ISSET(pw[0], &readfrom));
++                   FD_ISSET(pw[0], &readfrom) ||
++                   (port&&FD_ISSET(s, &writeto)) ||
++                   FD_ISSET(f, &writeto) ||
++                   FD_ISSET(px[1], &writeto));
+           ignore_signals();
+ #ifdef KERBEROS
+           syslog(LOG_INFO ,
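Review bot: In the krsh.c loop the source descriptors stay in `readfrom` while the matching output descriptor is armed in `writeto`, so when fd 1 or fd 2 is not writable, select() returns at once on the still-readable `rem` or `rfd2` and the loop spins. The krshd.c hunks in this same patch avoid that by parking the source (`FD_CLR(pv[0], &readfrom)`) until the write side is ready and re-adding it afterwards; krsh.c should follow the same pattern. The loop condition then has to include the `writeto` bits as well, as the krshd.c version does. Separately, `PIPE_BUF` needs <limits.h>, and no include for it is visible in these hunks. The sketch below shows the rfd2 branch only and is inferred from the visible lines.

```c
	if (FD_ISSET(rfd2, &ready)) {
	    FD_SET(2, &writeto);
	    FD_CLR(rfd2, &readfrom);	/* park the source until fd 2 is writable */
	}
	if (FD_ISSET(2, &ready_wr)) {
	    int rfd2_open = 1;
	    do {
		errno = 0;
		cc = rcmd_stream_read(rfd2, buf, sizeof buf, 1);
		if (cc <= 0) {
		    if ((errno != EWOULDBLOCK) && (errno != EAGAIN)) {
			rfd2_open = 0;	/* EOF or hard error: leave it parked */
			break;
		    }
		} else
		    (void) write(2, buf, (unsigned) cc);
	    } while (rcmd_stream_has_unsent_data());
	    FD_CLR(2, &writeto);
	    if (rfd2_open)
		FD_SET(rfd2, &readfrom);
	}
	/* … same change for the rem / fd 1 branch … */
    } while (FD_ISSET(rem, &readfrom) || FD_ISSET(rfd2, &readfrom) ||
	     FD_ISSET(1, &writeto) || FD_ISSET(2, &writeto));
```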

================================================================
Index: SOURCES/krb5-kprop-mktemp.patch
diff -u /dev/null SOURCES/krb5-kprop-mktemp.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-kprop-mktemp.patch     Fri Mar 30 15:22:14 2007
@@ -0,0 +1,41 @@
+Use an in-memory ccache to silence a compiler warning.
+--- krb5-1.3.5/src/slave/kprop.c       2004-11-17 12:18:48.000000000 -0500
++++ krb5-1.3.5/src/slave/kprop.c       2004-11-17 13:42:31.926487217 -0500
+@@ -211,9 +211,8 @@
+ void get_tickets(context)
+     krb5_context context;
+ {
+-      char   buf[BUFSIZ];
+       krb5_error_code retval;
+-      static char tkstring[] = "/tmp/kproptktXXXXXX";
++      char tkstring[] = "MEMORY:_kproptkt";
+       krb5_keytab keytab = NULL;
+ 
+       /*
+@@ -238,22 +237,19 @@
+ #endif
+ 
+       /*
+-       * Initialize cache file which we're going to be using
++       * Initialize an in-memory cache for temporary use
+        */
+-      (void) mktemp(tkstring);
+-      sprintf(buf, "FILE:%s", tkstring);
+-
+-      retval = krb5_cc_resolve(context, buf, &ccache);
++      retval = krb5_cc_resolve(context, tkstring, &ccache);
+       if (retval) {
+               com_err(progname, retval, "while opening credential cache %s",
+-                      buf);
++                      tkstring);
+               exit(1);
+       }
+ 
+       retval = krb5_cc_initialize(context, ccache, my_principal);
+       if (retval) {
+               com_err (progname, retval, "when initializing cache %s",
+-                       buf);
++                       tkstring);
+               exit(1);
+       }
+ 
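Review bot: The rewritten comment above krb5_cc_resolve() should say why the cache is in memory, since dropping `mktemp()` on the fixed `/tmp/kproptktXXXXXX` template removes a predictable temporary-file race on the ticket file, not just a compiler warning. Something like `/* process-local MEMORY ccache: no on-disk ticket file to race on or clean up */` would stop a later change from reverting to FILE:. `tkstring` is no longer modified, so it can be declared `static const char tkstring[] = "MEMORY:_kproptkt";`. get_tickets() continues past the hunk, so whether the cache is destroyed after use is not visible here.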

================================================================
Index: SOURCES/krb5-login-lpass.patch
diff -u /dev/null SOURCES/krb5-login-lpass.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-login-lpass.patch      Fri Mar 30 15:22:14 2007
@@ -0,0 +1,28 @@
+The local crypt() may support hash types which use more than the first 8
+characters.  It also doesn't modify the input string, so we should just
+stop truncating it.  Are there platforms where the input string *is* modified?
+
+--- krb5-1.2.7/src/appl/bsd/login.c    2005-11-15 16:20:34.000000000 -0500
++++ krb5-1.2.7/src/appl/bsd/login.c    2005-11-15 16:20:29.000000000 -0500
+@@ -461,17 +461,14 @@
+ int unix_passwd_okay (pass)
+     char *pass;
+ {
+-    char user_pwcopy[9], *namep;
++    char *namep;
+     char *crypt ();
+ 
+     assert (pwd != 0);
+ 
+-    /* copy the first 8 chars of the password for unix crypt */
+-    strncpy(user_pwcopy, pass, sizeof(user_pwcopy));
+-    user_pwcopy[sizeof(user_pwcopy) - 1]='\0';
+-    namep = crypt(user_pwcopy, salt);
+-    memset (user_pwcopy, 0, sizeof(user_pwcopy));
+-    /* ... and wipe the copy now that we have the string */
++    namep = crypt(pass, salt);
++    if (strlen(namep) < 13)
++      return 0;
+ 
+     /* verify the local password string */
+ #ifdef HAVE_SHADOW
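Review bot: `crypt()` can return NULL, for example on an unsupported or malformed salt, and the new `strlen(namep)` dereferences that result unchecked. A bad salt in the password database would then crash login instead of producing a failed authentication. The guard should be `if (namep == NULL || strlen(namep) < 13) return 0;`. unix_passwd_okay() continues below the visible lines, so the comparison that consumes namep cannot be reviewed from this hunk.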

================================================================
Index: SOURCES/krb5-null.patch
diff -u /dev/null SOURCES/krb5-null.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-null.patch     Fri Mar 30 15:22:14 2007
@@ -0,0 +1,33 @@
+Screen out interfaces which have no address in foreach_localaddr().  (Per man
+pages for OpenBSD and OS/X, they are legal.)  If it doesn't have an address,
+the functions which call this function (src/kdc/network.c, which wants to
+listen on the interfaces, and src/lib/krb5/os/localaddr.c, which just wants a
+list of local addresses), have no use for it anyway.
+
+This is slightly different than the fix proposed by Paul Jakma at
+http://mailman.mit.edu/pipermail/krb5-bugs/2004-January/002152.html, but is
+more or less equivalent.
+
+Don't worry, printifaddr() already checks that ifp->ifa_addr != NULL before
+printing it.
+
+--- krb5-1.4/src/lib/krb5/os/localaddr.c       2005-02-18 11:20:52.000000000 
-0500
++++ krb5-1.4/src/lib/krb5/os/localaddr.c       2005-02-18 11:23:52.000000000 
-0500
+@@ -435,6 +435,8 @@
+ #ifdef DEBUG
+       printifaddr (ifp);
+ #endif
++      if (ifp->ifa_addr == NULL)
++          continue;
+       if ((ifp->ifa_flags & IFF_UP) == 0)
+           continue;
+       if (ifp->ifa_flags & IFF_LOOPBACK) {
+@@ -458,6 +460,8 @@
+       /* If this address is a duplicate, punt.  */
+       match = 0;
+       for (ifp2 = ifp_head; ifp2 && ifp2 != ifp; ifp2 = ifp2->ifa_next) {
++          if (ifp2->ifa_addr == NULL)
++              continue;
+           if ((ifp2->ifa_flags & IFF_UP) == 0)
+               continue;
+           if (ifp2->ifa_flags & IFF_LOOPBACK)

================================================================
Index: SOURCES/krb5-rcp-markus.patch
diff -u /dev/null SOURCES/krb5-rcp-markus.patch:1.1
--- /dev/null   Fri Mar 30 15:22:19 2007
+++ SOURCES/krb5-rcp-markus.patch       Fri Mar 30 15:22:14 2007
@@ -0,0 +1,46 @@
+Fix for CAN-2004-0175, based on Markus Friedl's fix for OpenSSH scp.
<<Diff was trimmed, longer than 597 lines>>