cracklib patch crashes kadmind

Raymond M Schneider ray at securityfoo.net
Thu Oct 3 13:53:32 EDT 2002


On Thu, Oct 03, 2002 at 12:57:02PM -0400, Ken Hornstein wrote:
> >Well I tried to hack server_dict.c with crack lib and when attempting
> >to change a password kadmind dies.  So I grabed the patch for
> >server_dict out of the monster-patch for afs-krb5 and applied it, and
> >got the same results.  I just recomplied the libraries both times.
> >
> >I am using the krb5-1.2.5 source code, and the monster-patch from
> >afs-krb5-1.3.
> 
> It's not surprising, since the monster patch is from ... what, 1.0.6?
> 

Ive got the cracklib bits stripped out of the monster patch applied to 
1.2.5 I believe, works with no problem. I dont give people the option at
configure time though, the macro is hardcoded so it _has_ to use cracklib
all the time. ;)

So that said, I just wanted to give words of encouragement. just strip out
Kens bits about cracklib for the server_dict.c file and apply them, then
deal with the macro as you see fit, either let configure play with it or
set it in the file..ie.

#define KADM5_USE_CRACKLIB 1

put that in and cracklib will always be used. I didnt want anyone not using
cracklib so this was my approach at that time..

So just slurp the bit of monster patch out that has to do with FascistCheck
and patch server_dict.c with it and add the macro define above and you
should be in business...

-ray



More information about the Kerberos mailing list