libpam-krb5 on Ubuntu 8.04 with MIT Kerberos and PKINIT
Russ Allbery
rra at stanford.edu
Thu May 15 14:43:52 EDT 2008
"Douglas E. Engert" <deengert at anl.gov> writes:
> I was trying to get the PKINIT working on Ubuntu 8.04
> which comes with:
> libpam-krb5 3.10-1
> krb5-pkinit 1.6.dfsg.3~beta1-2ubuntu1
>
> I had to make a change to the libpam-krb5 auth.c to remove a test for
> a bug that appears to be fixed in krb5-1.6.3 I just changed the #ifdef
> to not include the call to clear out the opts structure.
The bug was fixed in 1.6.3, but I didn't think it was fixed in such a way
as to make that code break anything. Not running that fixed something?
Does MIT now do what Heimdal does and zero out the allocated memory as
well when one runs opt_init?
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the krbdev
mailing list