Weird cross-realm behaviour after upgrade to Heimdal 7.3

Greg Hudson ghudson at mit.edu
Wed Jul 12 04:19:48 CEST 2017


On 07/11/2017 10:37 AM, Andreas Haupt wrote:
> On Mon, 2017-07-10 at 08:32 -0400, Jeffrey Hutzelman wrote:
>> This is a bug in the kdc, or possibly two bugs. First, the database lookup
>> failed and no entry was returned, but the error code was not set and so
>> remained zero, which com_err translates as "Success".

>> Second, the kdc is not sending any response at all.

I think the bug was introduced by commit
4b4036c9a6697f0101c60845e19664f64fdd0810 and is that the value of ret is
squashed by the call to _krb5_find_capath() in tgs_build_reply().  In
this scenario, I believe the call succeeds, but doesn't find any
capaths, so we don't goto server_lookup, instead dropping down and going
to out with ret still 0.  _kdc_tgs_rep() doesn't create an error reply
if ret is 0, so the KDC sends no reply.


More information about the Heimdal-discuss mailing list