[krbdev.mit.edu #6704] Small kdc/kdc_preauth.c mods for your consideration

Jeff Blaine via RT rt-comment at krbdev.mit.edu
Fri Apr 23 15:39:58 EDT 2010 

As usual, don't assume I have any clue, but I am trying to
fold what I consider small worthwhile changes into future
releases.

In order as seen in the diff:

* Log the static preauth mechs that have been found to be
   "valid"

* Log the dynamic preauth mechs that have been found to be
   "valid"

* Check against NULL, not 0, per the calloc()/malloc() man
   page.  A nitpick.

* Set length to 0, not NULL.  This cleared up a gcc warning,
   so maybe it's right...

--- ../../PRISTINE-DONT-MOD-krb5-1.8/src/kdc/kdc_preauth.c	2010-02-12 
15:28:39.000000000 -0500
+++ kdc/kdc_preauth.c	2010-04-23 11:13:16.000000000 -0400
@@ -490,6 +490,9 @@
              ((*server_init_proc)(context, &plugin_context,
                                   (const char **)kdc_realm_names) != 0)) {
              memset(&preauth_systems[k], 0, sizeof(preauth_systems[k]));
+            krb5_klog_syslog (LOG_INFO,
+                            "Static preauth mechanism %s valid for use.",
+                            static_preauth_systems[i].name);
              continue;
          }
          preauth_systems[k].plugin_context = plugin_context;
@@ -537,6 +540,9 @@
                  }
                  preauth_systems[k].name = ftable->name;
                  preauth_systems[k].type = ftable->pa_type_list[j];
+                krb5_klog_syslog (LOG_INFO,
+                                 "Dynamic preauth mechanism %s valid 
for use.",
+                                 preauth_systems[k].name);
                  if (ftable->flags_proc != NULL)
                      preauth_systems[k].flags = ftable->flags_proc(context,
 
preauth_systems[k].type);
@@ -1006,8 +1012,11 @@
      hw_only = isflagset(client->attributes, KRB5_KDB_REQUIRES_HW_AUTH);
      /* Allocate two extra entries for the cookie and the terminator. */
      pa_data = calloc(n_preauth_systems + 2, sizeof(krb5_pa_data *));
-    if (pa_data == 0)
+    if (pa_data == NULL) {
+        krb5_klog_syslog (LOG_INFO,
+                          "Not enough memory in get_preauth_hint_list");
          return;
+    }
      pa = pa_data;
       for (ap = preauth_systems; ap->type != -1; ap++) {
@@ -1328,7 +1337,7 @@
      }
      key_modified = FALSE;
      null_item.contents = NULL;
-    null_item.length = NULL;
+    null_item.length = 0;
      send_pa = send_pa_list;
      *send_pa = 0;

More information about the krb5-bugs mailing list