Fix a number of pointer aliasing bugs
authorTheodore Tso <tytso@mit.edu>
Thu, 15 Sep 1994 04:22:13 +0000 (04:22 +0000)
committerTheodore Tso <tytso@mit.edu>
Thu, 15 Sep 1994 04:22:13 +0000 (04:22 +0000)
Make sure the master key version number is propagated correctly for new keys.

Fixed bug where process_client tried to free an automatic variable.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4237 dc483132-0cff-0310-8789-dd5450dbe970

src/kadmin/server/ChangeLog
src/kadmin/server/adm_check.c
src/kadmin/server/adm_extern.h
src/kadmin/server/adm_funcs.c
src/kadmin/server/adm_listen.c
src/kadmin/server/adm_nego.c
src/kadmin/server/adm_network.c
src/kadmin/server/adm_process.c
src/kadmin/server/adm_server.c

index 2873d261869cb7e72676b3be6dc6a27f3a3bfef6..81726febfeca04d3a6b5c15db5e95ab31ead6709 100644 (file)
@@ -1,3 +1,21 @@
+Wed Sep 14 22:33:23 1994  Theodore Y. Ts'o  (tytso@dcl)
+
+       * adm_server (init_db): Save a copy of the master key database
+               entry in the master_entry global variable.
+
+       * adm_process.c (process_client): Removed calls to
+               free(final_msg.data), where final_msg.data was pointing to
+               an automatic variable.
+
+       * adm_process.c (cpw_keyproc): In the case where the
+               keyprocarg->key is set, copy the keyblock instead of
+               passing a pointer down --- more pointer aliasing problems!
+
+       * adm_funcs.c (adm_modify_kdb): Added calls to krb5_copy_principal
+               instead of merely assigning pointers to one another and
+               causing pointer aliasing problems.  Make sure the master
+               key version number is propagated correctly.
+
 Thu Aug  4 03:38:58 1994  Tom Yu  (tlyu@dragons-lair)
 
        * Makefile.in: whoops install manpage as kadmin.8, not kadmin.1
index cb237a344d51b077d019d37663d32b9f3896e200..cd645c8fbdcfda24c713d0389177bb74331c90c6 100644 (file)
@@ -44,6 +44,7 @@
 #include <krb5/los-proto.h>
 #include <krb5/adm_defs.h>
 #include <krb5/adm_err.h>
+#include <krb5/kdb.h>
 #include "adm_extern.h"
 
 krb5_error_code
index fc2bbdb73525dc32ea5ec0eacb5eb82d17441d7c..7764588c2050fd7773a65993543a94fd95266437 100644 (file)
@@ -51,6 +51,7 @@ typedef struct {
 extern krb5_encrypt_block master_encblock;
 extern krb5_keyblock master_keyblock;
 extern krb5_principal master_princ;
+extern krb5_db_entry master_entry;
 
 extern volatile int signal_requests_exit;
 extern char *dbm_db_name;
index 544f28e2730065ccc0da3c8ffdec3492c372eaf4..315767d99d70bba702a3dc67b9fff854472f43c6 100644 (file)
@@ -60,20 +60,6 @@ struct saltblock {
 extern krb5_encrypt_block master_encblock;
 extern krb5_keyblock master_keyblock;
 
-struct mblock {
-    krb5_deltat max_life;
-    krb5_deltat max_rlife;
-    krb5_timestamp expiration;
-    krb5_flags flags;
-    krb5_kvno mkvno;
-} mblock = {                           /* XXX */
-    KRB5_KDB_MAX_LIFE,
-    KRB5_KDB_MAX_RLIFE,
-    KRB5_KDB_EXPIRATION,
-    KRB5_KDB_DEF_FLAGS,
-    0
-};
-
 typedef unsigned char des_cblock[8];
 
                /* krb5_kvno may be narrow */
@@ -158,26 +144,32 @@ OLDDECLARG(krb5_db_entry *, entry)
     int one = 1;
 
     krb5_kvno KDB5_VERSION_NUM = 1;
-    krb5_deltat KDB5_MAX_TKT_LIFE = KRB5_KDB_MAX_LIFE;
-    krb5_deltat KDB5_MAX_REN_LIFE = KRB5_KDB_MAX_RLIFE;
-    krb5_timestamp KDB5_EXP_DATE  = KRB5_KDB_EXPIRATION;
     extern krb5_flags NEW_ATTRIBUTES;
 
     if (!req_type) { /* New entry - initialize */
        memset((char *) entry, 0, sizeof(krb5_db_entry));
-        entry->principal = (krb5_principal) principal;
+       retval = krb5_copy_principal(principal, &entry->principal);
+       if (retval)
+               return retval;
         entry->kvno = KDB5_VERSION_NUM;
-        entry->max_life = KDB5_MAX_TKT_LIFE;
-        entry->max_renewable_life = KDB5_MAX_REN_LIFE;
-        entry->mkvno = mblock.mkvno;
-        entry->expiration = KDB5_EXP_DATE;
-        entry->mod_name = master_princ;
+        entry->max_life = master_entry.max_life;
+        entry->max_renewable_life = master_entry.max_renewable_life;
+        entry->mkvno = master_entry.mkvno;
+        entry->expiration = master_entry.expiration;
+       retval = krb5_copy_principal(master_princ, &entry->mod_name);
+       if (retval) {
+           krb5_free_principal(entry->principal);
+           entry->principal = 0;
+           return retval;
+       }
     } else { /* Modify existing entry */
        entry->kvno++;
 #ifdef SANDIA
        entry->attributes &= ~KRB5_KDB_REQUIRES_PWCHANGE;
 #endif
-       entry->mod_name = (krb5_principal) principal;
+       retval = krb5_copy_principal(principal, &entry->mod_name);
+       if (retval)
+               return retval;
     }
 
     if (key && key->length) {
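Review bot: In the modify-existing branch, `entry->mod_name` is overwritten with the new copy without releasing the principal it held before. If the caller passes an entry that owns its `mod_name` (as one fetched from the database presumably does), each modification leaks a principal in this long-running daemon. Copy into a temporary first and free the old value only after the copy succeeds, so a failed copy neither leaks nor leaves a dangling pointer. Doing the copy before `entry->kvno++` also keeps the entry untouched on the error return. The function begins and continues outside this hunk, so whether callers release the new copies on later error paths cannot be checked from here.

```c
    } else { /* Modify existing entry */
	krb5_principal new_mod_name;

	/* Copy first so a failure leaves the entry untouched. */
	retval = krb5_copy_principal(principal, &new_mod_name);
	if (retval)
		return retval;
	/* ... unchanged: kvno increment, SANDIA attribute clear ... */
	if (entry->mod_name)
	    krb5_free_principal(entry->mod_name);
	entry->mod_name = new_mod_name;
    }
```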
index aacde37a42cb1d357efa01ff9d2b122005e067dc..d5ef808e842106a20180a975473fad8419d6ffc9 100644 (file)
@@ -29,6 +29,7 @@
 #include <krb5/los-proto.h>
 #include <krb5/adm_defs.h>
 #include <krb5/sysincl.h>
+#include <krb5/kdb.h>
 
 #include <syslog.h>
 #include <signal.h>
index 7f31d0a5554403d396b3083d14bce72f6a1a9e8e..e763cec6cc7d5dcf5963364c23af669ba2c94c67 100644 (file)
@@ -45,6 +45,7 @@
 #include <krb5/asn1.h>
 
 #include <krb5/adm_defs.h>
+#include <krb5/kdb.h>
 #include "adm_extern.h"
 
 krb5_error_code
index ef02864e5ee268e4ffd63ab3bc3a46a784f0d2cd..0deec9f7eb562d997b890597f43d3de0be10df01 100644 (file)
@@ -43,6 +43,7 @@
 #include <krb5/ext-proto.h>
 #include <krb5/los-proto.h>
 #include <krb5/adm_defs.h>
+#include <krb5/kdb.h>
 #include "adm_extern.h"
 
 extern int errno;
index 4e3297f63bbd922fae8bf74037ecb6e605090a8c..eca9fb040a3b09c6243bd32ccfd8ca26e19310be 100644 (file)
@@ -69,7 +69,9 @@ OLDDECLARG(krb5_keyblock **, key)
     arg = ( struct cpw_keyproc_arg *) keyprocarg;
 
     if (arg->key) {
-       *key = arg->key;
+       retval = krb5_copy_keyblock(arg->key, key);
+       if (retval)
+           return retval;
     } else {
        if (retval = krb5_parse_name(client_server_info.name_of_service, 
                                     &cpw_krb)) {
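Review bot: The `arg->key` branch now hands the caller a heap copy of long-term key material through `*key`, but nothing in the hunk records that the caller owns it and must release it. I would add a comment above the copy such as `/* *key is a private copy of arg->key; the caller owns it and must release it with krb5_free_keyblock() */`. Because the copy duplicates secret key bytes, the release path should also clear the contents before freeing; whether the callers do so is outside this hunk. The `else` branch continues past the hunk, so it is not visible whether both branches return a caller-owned keyblock.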
@@ -417,10 +419,8 @@ char *prog;
                         0,
                         &msg_data)) {
        syslog(LOG_ERR, "kadmind error Error Performing Final mk_priv");
-       free(final_msg.data);
        goto finish;
     }
-    free(final_msg.data);
     
         /* Send Final Reply to Client */
     if (retval = krb5_write_message(&client_server_info.client_socket,
index 01b91c05f3f67cc9b9ba4a95feb936ca51d22f97..a408331ffa838ce5c3d4f10bb255bc6ce31ede57 100644 (file)
@@ -73,6 +73,8 @@ global_client_server_info client_server_info;
 int classification;             /* default = Unclassified */
 #endif
 
+krb5_db_entry master_entry;
+
 krb5_flags NEW_ATTRIBUTES;
 
 cleanexit(val)
@@ -287,7 +289,24 @@ krb5_keyblock *masterkeyblock;
         (void) krb5_db_fini();
         return(retval);
     }
+
+/*
+ * fetch the master database entry, and hold on to it.
+ */
+    number_of_entries = 1;
+    if (retval = krb5_db_get_principal(masterkeyname, &master_entry, 
+                                      &number_of_entries, &more)) {
+       return(retval);
+    }
+    if (number_of_entries != 1) {
+       if (number_of_entries)
+           krb5_db_free_principal(&master_entry, number_of_entries);
+       return(KRB5_KDB_NOMASTERKEY);
+    } else if (more) {
+       krb5_db_free_principal(&master_entry, number_of_entries);
+       return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE);
+    }  
+
 /*
        fetch the TGS key, and hold onto it; this is an efficiency hack 
        the master key name here is from the master_princ global,
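Review bot: The three new error returns after `krb5_db_get_principal` leave the function without closing the database, whereas the error path just above them calls `(void) krb5_db_fini();` before `return(retval);`. For consistency each new return should be preceded by the same call, e.g. `(void) krb5_db_fini(); return(KRB5_KDB_NOMASTERKEY);`. Any other state set up earlier in the function (outside this hunk) may also need unwinding on these paths. After `krb5_db_free_principal(&master_entry, ...)` the global still holds freed pointers, so clearing it with `memset((char *) &master_entry, 0, sizeof(master_entry));` on those paths would keep later code from touching stale data.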