From: | Rodney McDuff <ccmcduff(at)its(dot)uq(dot)edu(dot)au> |
---|---|
To: | pgsql-hackers(at)postgreSQL(dot)org |
Cc: | mcduff(at)its(dot)uq(dot)edu(dot)au |
Subject: | KTH-KRB kerberos 4 patch |
Date: | 1999-02-24 05:04:32 |
Message-ID: | 199902240504.PAA22502@its.uq.edu.au |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Hi
I've been having also sorts of fun trying to get kerberos 4 authentification
working with postgresql-6.4.2 and KTH-KRB Ebones (http://www.pdc.kth.se/kth-kr
b) on a dec alpha running DU 4.0D using the native compiler. The following
patch does the trick.
The rationale behind this is as follows. The KTH-KRB code header files defines
lots of lengths like INST_SZ,REALM_SZ and KRB_SENDAUTH_VLEN. It also has a
habit of doing things like
chararray[LENGTH] = '\0'
to ensure null terminated strings. In my instance this just happens to blat
the kerberos principal instance string leading to error like
pg_krb4_recvauth: kerberos error: Can't decode authenticator (krb_rd_req)
The application code that comes with KTH-KRB uses "KRB_SENDAUTH_VLEN + 1" and
sometimes uses "INST_SZ + 1" so it seems safest to put that 1 char buffer in
the appropriate place.
*** postgresql-6.4.2/src/backend/libpq/auth.c.orig Wed Feb 24 12:14:55
1999
--- postgresql-6.4.2/src/backend/libpq/auth.c Wed Feb 24 14:03:46 1999
***************
*** 77,86 ****
{
long krbopts = 0; /* one-way authentication */
KTEXT_ST clttkt;
! char instance[INST_SZ];
AUTH_DAT auth_data;
Key_schedule key_sched;
! char version[KRB_SENDAUTH_VLEN];
int status;
strcpy(instance, "*"); /* don't care, but arg gets expanded
--- 77,86 ----
{
long krbopts = 0; /* one-way authentication */
KTEXT_ST clttkt;
! char instance[INST_SZ + 1];
AUTH_DAT auth_data;
Key_schedule key_sched;
! char version[KRB_SENDAUTH_VLEN + 1];
int status;
strcpy(instance, "*"); /* don't care, but arg gets expanded
*** postgresql-6.4.2/src/interfaces/libpq/fe-auth.c.orig Wed Feb 24
14:05:26 1999
--- postgresql-6.4.2/src/interfaces/libpq/fe-auth.c Wed Feb 24 14:12:56
1999
***************
*** 144,151 ****
static char *
pg_krb4_authname(char *PQerrormsg)
{
! char instance[INST_SZ];
! char realm[REALM_SZ];
int status;
static char name[SNAME_SZ + 1] = "";
--- 144,151 ----
static char *
pg_krb4_authname(char *PQerrormsg)
{
! char instance[INST_SZ + 1];
! char realm[REALM_SZ + 1];
int status;
static char name[SNAME_SZ + 1] = "";
--
+-----------------+------------------------------------------+
| _ ^ _ | Dr. Rodney McDuff |
| |\ /|\ /| | Network Development, ITS |
| \ | / | The University of Queensland |
| \ | / | St. Lucia, Brisbane |
| \|/ | Queensland, Australia. 4072. |
|<-------+------->| TELEPHONE: +61 7 3365 8220 |
| /|\ | FACSIMILE: +61 7 3365 4477 |
| / | \ | EMAIL: mcduff(at)its(dot)uq(dot)edu(dot)au |
| / | \ | |
| |/ \|/ \| | Ex ignorantia ad sapientiam |
| - v - | Ex luce ad tenebras |
+-----------------+------------------------------------------+
From | Date | Subject | |
---|---|---|---|
Next Message | RHS Linux User | 1999-02-24 08:18:36 | Praise |
Previous Message | Bruce Momjian | 1999-02-24 04:46:18 | IN list and OR processing |