* krcp.c (answer_auth): Should not call krb5_cc_close after

		krb5_cc_destroy. (encrypted rcp failed).

	* krlogind.c (main): -S option was not getting a keytab. (passing
		a char * to krb5_compat_recvauth).

	* krshd.c (recvauth): extract the client principal from ticket
		before calling krb5_kuserok on a NULL principal.
		(main): -S option was not getting a keytab (passing a char *).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5536 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog
index 394afcb0284dbff5610fd20767cd3ecf6ee66cbb..f1322b4dd90d1ce40d6d652dfa4f7acadaebedbc 100644 (file)
--- a/src/appl/bsd/ChangeLog
+++ b/src/appl/bsd/ChangeLog
@@ -1,7 +1,14 @@
 Thu Apr 27 01:09:19 1995  Ezra Peisach  <epeisach@kangaroo.mit.edu>
 
+       * krcp.c (answer_auth): Should not call krb5_cc_close after
+               krb5_cc_destroy. (encrypted rcp failed).
+
+       * krlogind.c (main): -S option was not getting a keytab. (passing
+               a char * to krb5_compat_recvauth).
+
        * krshd.c (recvauth): extract the client principal from ticket
                before calling krb5_kuserok on a NULL principal.
+               (main): -S option was not getting a keytab (passing a char *).
 
        * krcp.c: (main): Missing htons on port number when specified on
                command line.

diff --git a/src/appl/bsd/krcp.c b/src/appl/bsd/krcp.c
index eb139acc977ee706fefdb9cc298f42a4116bc94e..7aa446530c6707b425c1a0be174e71b53828a8a0 100644 (file)
--- a/src/appl/bsd/krcp.c
+++ b/src/appl/bsd/krcp.c
@@ -1324,13 +1324,11 @@ void
     
     if (status = krb5_cc_get_principal(bsd_context, cc, &creds.client)){
        krb5_cc_destroy(bsd_context, cc);
-       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
     
     if (status = krb5_parse_name(bsd_context, pname_data.data, &creds.server)){
        krb5_cc_destroy(bsd_context, cc);
-       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
     krb5_xfree(pname_data.data);
@@ -1338,7 +1336,6 @@ void
     if (status = krb5_get_credentials(bsd_context, KRB5_GC_USER_USER, cc, 
                                      &creds, &new_creds)){
        krb5_cc_destroy(bsd_context, cc);
-       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
 
@@ -1346,11 +1343,9 @@ void
                                      AP_OPTS_USE_SESSION_KEY,
                                      NULL, new_creds, &msg)) {
        krb5_cc_destroy(bsd_context, cc);
-       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
     krb5_cc_destroy(bsd_context, cc);
-    krb5_cc_close(bsd_context, cc);
     status = krb5_write_message(bsd_context, (krb5_pointer) &rem, &msg);
     krb5_xfree(msg.data);
     if (status){

diff --git a/src/appl/bsd/krlogind.c b/src/appl/bsd/krlogind.c
index 72a216363d2e813459078b13a7d7c0601906f38e..c011a35e1e0edb56748c921580a14fe350c1d0a5 100644 (file)
--- a/src/appl/bsd/krlogind.c
+++ b/src/appl/bsd/krlogind.c
@@ -245,7 +245,7 @@ krb5_authenticator      *kdata;
 krb5_ticket     *ticket = 0;
 krb5_context bsd_context;
 
-char *srvtab = NULL;
+krb5_keytab keytab = NULL;
 
 #define ARGSTR "rRkKeExXpPD:S:M:L:?"
 #else /* !KERBEROS */
@@ -314,6 +314,9 @@ main(argc, argv)
     char *options;
     int debug_port = 0;
     int fd;
+#ifdef KERBEROS
+    krb5_error_code status;
+#endif
     
     progname = *argv;
     
@@ -393,7 +396,11 @@ main(argc, argv)
          break;
 #endif
        case 'S':
-         srvtab = optarg;
+         if (status = krb5_kt_resolve(bsd_context, optarg, &keytab)) {
+                 com_err(progname, status, "while resolving srvtab file %s",
+                         optarg);
+                 exit(2);
+         }
          break;
        case 'M':
          krb5_set_default_realm(bsd_context, optarg);
@@ -1572,7 +1579,7 @@ recvauth()
                                  server,       /* Specify daemon principal */
                                  0,            /* default rc_type */
                                  0,            /* no flags */
-                                 srvtab, /* normally NULL to use v5srvtab */
+                                 keytab, /* normally NULL to use v5srvtab */
 
                                  do_encrypt ? KOPT_DO_MUTUAL : 0, /*v4_opts*/
                                  "rcmd",       /* v4_service */

diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c
index 287843a381d5ad59e07ff58b2fbebe3d41ab5cbc..0dee15af91b1629db53764836d1e752e356b908c 100644 (file)
--- a/src/appl/bsd/krshd.c
+++ b/src/appl/bsd/krshd.c
@@ -176,6 +176,7 @@ char des_outbuf[2*BUFSIZ];        /* needs to be > largest write size */
 krb5_data desinbuf,desoutbuf;
 krb5_context bsd_context;
 char *srvtab = NULL;
+krb5_keytab keytab = NULL;
 
 void fatal();
 int v5_des_read();
@@ -246,6 +247,9 @@ main(argc, argv)
     int i;
     int fd;
     int debug_port = 0;
+#ifdef KERBEROS
+    krb5_error_code status;
+#endif
 
 #ifdef CRAY
     secflag = sysconf(_SC_CRAY_SECURE_SYS);
@@ -323,7 +327,11 @@ main(argc, argv)
          break;
 
        case 'S':
-         srvtab = optarg;
+         if (status = krb5_kt_resolve(bsd_context, optarg, &keytab)) {
+                 com_err(progname, status, "while resolving srvtab file %s",
+                         optarg);
+                 exit(2);
+         }
          break;
 
        case 'M':
@@ -1629,7 +1637,7 @@ recvauth(netf, peersin, peeraddr)
                                  server, /* Specify daemon principal */
                                  0,            /* default rc_type */
                                  0,            /* no flags */
-                                 srvtab, /* normally NULL to use v5srvtab */
+                                 keytab, /* normally NULL to use v5srvtab */
                                  0,            /* v4_opts */
                                  "rcmd",       /* v4_service */
                                  v4_instance,  /* v4_instance */