Error applying MITKRB5-SA-2007-002 on krb5-1.5
simonst@wellsfargo.com
simonst at wellsfargo.com
Fri Apr 6 14:34:19 EDT 2007
Patch MITKRB5-SA-2007-002 is failing to apply on krb5-1.5:
[rpmdev]$ patch -p0 <2007-002-patch.txt
patching file src/kadmin/server/kadm_rpc_svc.c
patching file src/kadmin/server/misc.c
patching file src/kadmin/server/misc.h
patching file src/kadmin/server/ovsec_kadmd.c
Hunk #1 succeeded at 989 with fuzz 2 (offset -3 lines).
Hunk #2 succeeded at 997 (offset -5 lines).
Hunk #3 succeeded at 1025 (offset -3 lines).
patching file src/kadmin/server/schpw.c
patching file src/kadmin/server/server_stubs.c
patching file src/kdc/do_tgs_req.c
Hunk #1 FAILED at 491.
Hunk #2 succeeded at 550 (offset -2 lines).
1 out of 3 hunks FAILED -- saving rejects to file
src/kdc/do_tgs_req.c.rej
patching file src/kdc/kdc_util.c
patching file src/lib/kadm5/logger.c
Here's the complete cmdline output:
[rpmdev]$ uname -a
Linux rpmdev 2.4.21-37.ELsmp #1 SMP Wed Sep 7 13:28:55 EDT 2005 i686 i686
i386 GNU/Linux
[rpmdev]$ gpgv -v krb5-1.5.tar.gz.asc
gpgv: armor header: Version: GnuPG v1.4.3 (SunOS)
gpgv: assuming signed data in `krb5-1.5.tar.gz'
gpgv: Signature made Fri 30 Jun 2006 10:16:09 PM PDT using RSA key ID
F376813D
gpgv: Good signature from "Tom Yu <tlyu at MIT.EDU>"
gpgv: aka "Tom Yu <tlyu at MIT.EDU>"
[rpmdev]$ md5sum krb5-1.5.tar.gz
fe62bcd315fe4139e4fa05732ce8abde krb5-1.5.tar.gz
[rpmdev]$ tar xzf krb5-1.5.tar.gz
[rpmdev]$ cd krb5-1.5
[rpmdev]$ wget http://web.mit.edu/kerberos/advisories/2007-002-patch.txt
--11:05:42-- http://web.mit.edu/kerberos/advisories/2007-002-patch.txt
=> `2007-002-patch.txt'
Length: 41,658 (41K) [text/plain]
100%[====================================================>] 41,658
106.89K/s
11:05:43 (106.55 KB/s) - `2007-002-patch.txt' saved [41658/41658]
[rpmdev]$ md5sum 2007-002-patch.txt
25b7ae9462b7439f7d11064138aac11e 2007-002-patch.txt
[rpmdev]$ head 2007-002-patch.txt
*** src/kadmin/server/kadm_rpc_svc.c (revision 19480)
--- src/kadmin/server/kadm_rpc_svc.c (local)
***************
*** 250,255 ****
--- 250,257 ----
krb5_data *c1, *c2, *realm;
gss_buffer_desc gss_str;
kadm5_server_handle_t handle;
+ size_t slen;
+ char *sdots;
[rpmdev]$ patch -p0 <2007-002-patch.txt
patching file src/kadmin/server/kadm_rpc_svc.c
patching file src/kadmin/server/misc.c
patching file src/kadmin/server/misc.h
patching file src/kadmin/server/ovsec_kadmd.c
Hunk #1 succeeded at 989 with fuzz 2 (offset -3 lines).
Hunk #2 succeeded at 997 (offset -5 lines).
Hunk #3 succeeded at 1025 (offset -3 lines).
patching file src/kadmin/server/schpw.c
patching file src/kadmin/server/server_stubs.c
patching file src/kdc/do_tgs_req.c
Hunk #1 FAILED at 491.
Hunk #2 succeeded at 550 (offset -2 lines).
1 out of 3 hunks FAILED -- saving rejects to file src/kdc/do_tgs_req.c.rej
patching file src/kdc/kdc_util.c
patching file src/lib/kadm5/logger.c
[rpmdev]$ cat src/kdc/do_tgs_req.c.rej
***************
*** 491,518 ****
newtransited = 1;
}
if (!isflagset (request->kdc_options,
KDC_OPT_DISABLE_TRANSITED_CHECK)) {
errcode = krb5_check_transited_list (kdc_context,
&enc_tkt_reply.transited.tr_contents,
krb5_princ_realm (kdc_context,
header_ticket->enc_part2->client),
krb5_princ_realm (kdc_context,
request->server));
if (errcode == 0) {
setflag (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED);
} else if (errcode == KRB5KRB_AP_ERR_ILL_CR_TKT)
krb5_klog_syslog (LOG_INFO,
! "bad realm transit path from '%s' to '%s' via
'%.*s'",
cname ? cname : "<unknown client>",
sname ? sname : "<unknown server>",
! enc_tkt_reply.transited.tr_contents.length,
! enc_tkt_reply.transited.tr_contents.data);
else {
const char *emsg = krb5_get_error_message(kdc_context, errcode);
krb5_klog_syslog (LOG_ERR,
! "unexpected error checking transit from '%s'
to '%s' via '%.*s': %s",
cname ? cname : "<unknown client>",
sname ? sname : "<unknown server>",
! enc_tkt_reply.transited.tr_contents.length,
enc_tkt_reply.transited.tr_contents.data,
! emsg);
krb5_free_error_message(kdc_context, emsg);
}
} else
--- 491,528 ----
newtransited = 1;
}
if (!isflagset (request->kdc_options,
KDC_OPT_DISABLE_TRANSITED_CHECK)) {
+ unsigned int tlen;
+ char *tdots;
+
errcode = krb5_check_transited_list (kdc_context,
&enc_tkt_reply.transited.tr_contents,
krb5_princ_realm (kdc_context,
header_ticket->enc_part2->client),
krb5_princ_realm (kdc_context,
request->server));
+ tlen = enc_tkt_reply.transited.tr_contents.length;
+ tdots = tlen > 125 ? "..." : "";
+ tlen = tlen > 125 ? 125 : tlen;
+
if (errcode == 0) {
setflag (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED);
} else if (errcode == KRB5KRB_AP_ERR_ILL_CR_TKT)
krb5_klog_syslog (LOG_INFO,
! "bad realm transit path from '%s' to '%s' "
! "via '%.*s%s'",
cname ? cname : "<unknown client>",
sname ? sname : "<unknown server>",
! tlen,
! enc_tkt_reply.transited.tr_contents.data,
! tdots);
else {
const char *emsg = krb5_get_error_message(kdc_context, errcode);
krb5_klog_syslog (LOG_ERR,
! "unexpected error checking transit from "
! "'%s' to '%s' via '%.*s%s': %s",
cname ? cname : "<unknown client>",
sname ? sname : "<unknown server>",
! tlen,
enc_tkt_reply.transited.tr_contents.data,
! tdots, emsg);
krb5_free_error_message(kdc_context, emsg);
}
} else
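Review bot: On the new side of this rejected hunk, `tlen` is declared `unsigned int` but is passed as the precision for `%.*s` in both `krb5_klog_syslog` calls, where the `*` argument must be an `int`. The clamp to 125 keeps the value in range, but passing `(int) tlen` would keep the format arguments type-correct. The limit 125 appears twice as a bare literal, so a named constant with a comment such as `/* limit transited field length in log messages */` would record why it exists. The clamp bounds only the length: `tr_contents.data` is taken from the ticket and is still logged as-is, and whether control bytes are escaped depends on `krb5_klog_syslog`, which is not visible here. Because this hunk was rejected on krb5-1.5, `do_tgs_req.c` presumably keeps the unbounded `%.*s` of `tr_contents.length` until the change is merged by hand; the enclosing function starts and ends outside the hunk.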
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5621 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20070406/3af2a566/attachment.bin