KTH-KRB kerberos 4 patch
Hi
I've been having also sorts of fun trying to get kerberos 4 authentification
working with postgresql-6.4.2 and KTH-KRB Ebones (http://www.pdc.kth.se/kth-kr
b) on a dec alpha running DU 4.0D using the native compiler. The following
patch does the trick.
The rationale behind this is as follows. The KTH-KRB code header files defines
lots of lengths like INST_SZ,REALM_SZ and KRB_SENDAUTH_VLEN. It also has a
habit of doing things like
chararray[LENGTH] = '\0'
to ensure null terminated strings. In my instance this just happens to blat
the kerberos principal instance string leading to error like
pg_krb4_recvauth: kerberos error: Can't decode authenticator (krb_rd_req)
The application code that comes with KTH-KRB uses "KRB_SENDAUTH_VLEN + 1" and
sometimes uses "INST_SZ + 1" so it seems safest to put that 1 char buffer in
the appropriate place.
*** postgresql-6.4.2/src/backend/libpq/auth.c.orig Wed Feb 24 12:14:55
1999
--- postgresql-6.4.2/src/backend/libpq/auth.c Wed Feb 24 14:03:46 1999
***************
*** 77,86 ****
{
long krbopts = 0; /* one-way authentication */
KTEXT_ST clttkt;
! char instance[INST_SZ];
AUTH_DAT auth_data;
Key_schedule key_sched;
! char version[KRB_SENDAUTH_VLEN];
int status; strcpy(instance, "*"); /* don't care, but arg gets expanded
--- 77,86 ----
{
long krbopts = 0; /* one-way authentication */
KTEXT_ST clttkt;
! char instance[INST_SZ + 1];
AUTH_DAT auth_data;
Key_schedule key_sched;
! char version[KRB_SENDAUTH_VLEN + 1];
int status; strcpy(instance, "*"); /* don't care, but arg gets expanded
*** postgresql-6.4.2/src/interfaces/libpq/fe-auth.c.orig Wed Feb 24
14:05:26 1999
--- postgresql-6.4.2/src/interfaces/libpq/fe-auth.c Wed Feb 24 14:12:56
1999
***************
*** 144,151 ****
static char *
pg_krb4_authname(char *PQerrormsg)
{
! char instance[INST_SZ];
! char realm[REALM_SZ];
int status;
static char name[SNAME_SZ + 1] = "";--- 144,151 ----
static char *
pg_krb4_authname(char *PQerrormsg)
{
! char instance[INST_SZ + 1];
! char realm[REALM_SZ + 1];
int status;
static char name[SNAME_SZ + 1] = "";--
+-----------------+------------------------------------------+
| _ ^ _ | Dr. Rodney McDuff |
| |\ /|\ /| | Network Development, ITS |
| \ | / | The University of Queensland |
| \ | / | St. Lucia, Brisbane |
| \|/ | Queensland, Australia. 4072. |
|<-------+------->| TELEPHONE: +61 7 3365 8220 |
| /|\ | FACSIMILE: +61 7 3365 4477 |
| / | \ | EMAIL: mcduff@its.uq.edu.au |
| / | \ | |
| |/ \|/ \| | Ex ignorantia ad sapientiam |
| - v - | Ex luce ad tenebras |
+-----------------+------------------------------------------+
Rodney McDuff <ccmcduff@its.uq.edu.au> writes:
I've been having also sorts of fun trying to get kerberos 4
authentification working with postgresql-6.4.2 and KTH-KRB Ebones
(http://www.pdc.kth.se/kth-kr b) on a dec alpha running DU 4.0D
using the native compiler. The following patch does the trick.
Great! This got a February 15th snapshot of PostgreSQL working for
me, too! Thanks! :-)
-tih
--
Popularity is the hallmark of mediocrity. --Niles Crane, "Frasier"
Import Notes
Reply to msg id not found: RodneyMcDuffsmessageofWed24Feb1999150432+1000
Applied.
Hi
I've been having also sorts of fun trying to get kerberos 4 authentification
working with postgresql-6.4.2 and KTH-KRB Ebones (http://www.pdc.kth.se/kth-kr
b) on a dec alpha running DU 4.0D using the native compiler. The following
patch does the trick.The rationale behind this is as follows. The KTH-KRB code header files defines
lots of lengths like INST_SZ,REALM_SZ and KRB_SENDAUTH_VLEN. It also has a
habit of doing things likechararray[LENGTH] = '\0'
to ensure null terminated strings. In my instance this just happens to blat
the kerberos principal instance string leading to error likepg_krb4_recvauth: kerberos error: Can't decode authenticator (krb_rd_req)
The application code that comes with KTH-KRB uses "KRB_SENDAUTH_VLEN + 1" and
sometimes uses "INST_SZ + 1" so it seems safest to put that 1 char buffer in
the appropriate place.*** postgresql-6.4.2/src/backend/libpq/auth.c.orig Wed Feb 24 12:14:55 1999 --- postgresql-6.4.2/src/backend/libpq/auth.c Wed Feb 24 14:03:46 1999 *************** *** 77,86 **** { long krbopts = 0; /* one-way authentication */ KTEXT_ST clttkt; ! char instance[INST_SZ]; AUTH_DAT auth_data; Key_schedule key_sched; ! char version[KRB_SENDAUTH_VLEN]; int status;strcpy(instance, "*"); /* don't care, but arg gets expanded --- 77,86 ---- { long krbopts = 0; /* one-way authentication */ KTEXT_ST clttkt; ! char instance[INST_SZ + 1]; AUTH_DAT auth_data; Key_schedule key_sched; ! char version[KRB_SENDAUTH_VLEN + 1]; int status;strcpy(instance, "*"); /* don't care, but arg gets expanded *** postgresql-6.4.2/src/interfaces/libpq/fe-auth.c.orig Wed Feb 24 14:05:26 1999 --- postgresql-6.4.2/src/interfaces/libpq/fe-auth.c Wed Feb 24 14:12:56 1999 *************** *** 144,151 **** static char * pg_krb4_authname(char *PQerrormsg) { ! char instance[INST_SZ]; ! char realm[REALM_SZ]; int status; static char name[SNAME_SZ + 1] = "";--- 144,151 ---- static char * pg_krb4_authname(char *PQerrormsg) { ! char instance[INST_SZ + 1]; ! char realm[REALM_SZ + 1]; int status; static char name[SNAME_SZ + 1] = "";--
+-----------------+------------------------------------------+ | _ ^ _ | Dr. Rodney McDuff | | |\ /|\ /| | Network Development, ITS | | \ | / | The University of Queensland | | \ | / | St. Lucia, Brisbane | | \|/ | Queensland, Australia. 4072. | |<-------+------->| TELEPHONE: +61 7 3365 8220 | | /|\ | FACSIMILE: +61 7 3365 4477 | | / | \ | EMAIL: mcduff@its.uq.edu.au | | / | \ | | | |/ \|/ \| | Ex ignorantia ad sapientiam | | - v - | Ex luce ad tenebras | +-----------------+------------------------------------------+
--
Bruce Momjian | http://www.op.net/~candle
maillist@candle.pha.pa.us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026