Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 149633 Details for
Bug 231528
CVE-2007-0957 krb5_klog_syslog() stack buffer overflow
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Proposed upstream patch
CVE-2007-0957.patch (text/plain), 40.41 KB, created by
Josh Bressers
on 2007-03-08 21:02:42 UTC
(
hide
)
Description:
Proposed upstream patch
Filename:
MIME Type:
Creator:
Josh Bressers
Created:
2007-03-08 21:02:42 UTC
Size:
40.41 KB
patch
obsolete
>*** src/kadmin/server/kadm_rpc_svc.c (revision 19480) >--- src/kadmin/server/kadm_rpc_svc.c (local) >*************** >*** 250,255 **** >--- 250,257 ---- > krb5_data *c1, *c2, *realm; > gss_buffer_desc gss_str; > kadm5_server_handle_t handle; >+ size_t slen; >+ char *sdots; > > success = 0; > handle = (kadm5_server_handle_t)global_server_handle; >*************** >*** 274,279 **** >--- 276,283 ---- > if (ret == 0) > goto fail_name; > >+ slen = gss_str.length; >+ trunc_name(&slen, &sdots); > /* > * Since we accept with GSS_C_NO_NAME, the client can authenticate > * against the entire kdb. Therefore, ensure that the service >*************** >*** 296,303 **** > > fail_princ: > if (!success) { >! krb5_klog_syslog(LOG_ERR, "bad service principal %.*s", >! gss_str.length, gss_str.value); > } > gss_release_buffer(&min_stat, &gss_str); > krb5_free_principal(kctx, princ); >--- 300,307 ---- > > fail_princ: > if (!success) { >! krb5_klog_syslog(LOG_ERR, "bad service principal %.*s%s", >! slen, gss_str.value, sdots); > } > gss_release_buffer(&min_stat, &gss_str); > krb5_free_principal(kctx, princ); >*** src/kadmin/server/misc.c (revision 19480) >--- src/kadmin/server/misc.c (local) >*************** >*** 171,173 **** >--- 171,182 ---- > > return kadm5_free_principal_ent(handle->lhandle, &princ); > } >+ >+ #define MAXPRINCLEN 125 >+ >+ void >+ trunc_name(size_t *len, char **dots) >+ { >+ *dots = *len > MAXPRINCLEN ? "..." : ""; >+ *len = *len > MAXPRINCLEN ? MAXPRINCLEN : *len; >+ } >*** src/kadmin/server/misc.h (revision 19480) >--- src/kadmin/server/misc.h (local) >*************** >*** 45,47 **** >--- 45,49 ---- > #ifdef SVC_GETARGS > void kadm_1(struct svc_req *, SVCXPRT *); > #endif >+ >+ void trunc_name(size_t *len, char **dots); >*** src/kadmin/server/ovsec_kadmd.c (revision 19480) >--- src/kadmin/server/ovsec_kadmd.c (local) >*************** >*** 992,997 **** >--- 992,999 ---- > rpcproc_t proc; > int i; > const char *procname; >+ size_t clen, slen; >+ char *cdots, *sdots; > > client.length = 0; > client.value = NULL; >*************** >*** 1000,1009 **** > > (void) gss_display_name(&minor, client_name, &client, &gss_type); > (void) gss_display_name(&minor, server_name, &server, &gss_type); >! if (client.value == NULL) > client.value = "(null)"; >! if (server.value == NULL) > server.value = "(null)"; > a = inet_ntoa(rqst->rq_xprt->xp_raddr.sin_addr); > > proc = msg->rm_call.cb_proc; >--- 1002,1021 ---- > > (void) gss_display_name(&minor, client_name, &client, &gss_type); > (void) gss_display_name(&minor, server_name, &server, &gss_type); >! if (client.value == NULL) { > client.value = "(null)"; >! clen = sizeof("(null)") -1; >! } else { >! clen = client.length; >! } >! trunc_name(&clen, &cdots); >! if (server.value == NULL) { > server.value = "(null)"; >+ slen = sizeof("(null)") - 1; >+ } else { >+ slen = server.length; >+ } >+ trunc_name(&slen, &sdots); > a = inet_ntoa(rqst->rq_xprt->xp_raddr.sin_addr); > > proc = msg->rm_call.cb_proc; >*************** >*** 1016,1029 **** > } > if (procname != NULL) > krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %s, " >! "claimed client = %s, server = %s, addr = %s", >! procname, client.value, >! server.value, a); > else > krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %d, " >! "claimed client = %s, server = %s, addr = %s", >! proc, client.value, >! server.value, a); > > (void) gss_release_buffer(&minor, &client); > (void) gss_release_buffer(&minor, &server); >--- 1028,1041 ---- > } > if (procname != NULL) > krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %s, " >! "claimed client = %.*s%s, server = %.*s%s, addr = %s", >! procname, clen, client.value, cdots, >! slen, server.value, sdots, a); > else > krb5_klog_syslog(LOG_NOTICE, "WARNING! Forged/garbled request: %d, " >! "claimed client = %.*s%s, server = %.*s%s, addr = %s", >! proc, clen, client.value, cdots, >! slen, server.value, sdots, a); > > (void) gss_release_buffer(&minor, &client); > (void) gss_release_buffer(&minor, &server); >*** src/kadmin/server/schpw.c (revision 19480) >--- src/kadmin/server/schpw.c (local) >*************** >*** 40,45 **** >--- 40,47 ---- > int numresult; > char strresult[1024]; > char *clientstr; >+ size_t clen; >+ char *cdots; > > ret = 0; > rep->length = 0; >*************** >*** 258,266 **** > free(ptr); > clear.length = 0; > >! krb5_klog_syslog(LOG_NOTICE, "chpw request from %s for %s: %s", > inet_ntoa(((struct sockaddr_in *)&remote_addr)->sin_addr), >! clientstr, ret ? krb5_get_error_message (context, ret) : "success"); > krb5_free_unparsed_name(context, clientstr); > > if (ret) { >--- 260,271 ---- > free(ptr); > clear.length = 0; > >! clen = strlen(clientstr); >! trunc_name(&clen, &cdots); >! krb5_klog_syslog(LOG_NOTICE, "chpw request from %s for %.*s%s: %s", > inet_ntoa(((struct sockaddr_in *)&remote_addr)->sin_addr), >! clen, clientstr, cdots, >! ret ? krb5_get_error_message (context, ret) : "success"); > krb5_free_unparsed_name(context, clientstr); > > if (ret) { >*** src/kadmin/server/server_stubs.c (revision 19480) >--- src/kadmin/server/server_stubs.c (local) >*************** >*** 14,19 **** >--- 14,20 ---- > #include <arpa/inet.h> /* inet_ntoa */ > #include <adm_proto.h> /* krb5_klog_syslog */ > #include "misc.h" >+ #include <string.h> > > #define LOG_UNAUTH "Unauthorized request: %s, %s, client=%s, service=%s, addr=%s" > #define LOG_DONE "Request: %s, %s, %s, client=%s, service=%s, addr=%s" >*************** >*** 237,242 **** >--- 238,298 ---- > return 0; > } > >+ static int >+ log_unauth( >+ char *op, >+ char *target, >+ gss_buffer_t client, >+ gss_buffer_t server, >+ struct svc_req *rqstp) >+ { >+ size_t tlen, clen, slen; >+ char *tdots, *cdots, *sdots; >+ >+ tlen = strlen(target); >+ trunc_name(&tlen, &tdots); >+ clen = client->length; >+ trunc_name(&clen, &cdots); >+ slen = server->length; >+ trunc_name(&slen, &sdots); >+ >+ return krb5_klog_syslog(LOG_NOTICE, >+ "Unauthorized request: %s, %.*s%s, " >+ "client=%.*s%s, service=%.*s%s, addr=%s", >+ op, tlen, target, tdots, >+ clen, client->value, cdots, >+ slen, server->value, sdots, >+ inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); >+ } >+ >+ static int >+ log_done( >+ char *op, >+ char *target, >+ char *errmsg, >+ gss_buffer_t client, >+ gss_buffer_t server, >+ struct svc_req *rqstp) >+ { >+ size_t tlen, clen, slen; >+ char *tdots, *cdots, *sdots; >+ >+ tlen = strlen(target); >+ trunc_name(&tlen, &tdots); >+ clen = client->length; >+ trunc_name(&clen, &cdots); >+ slen = server->length; >+ trunc_name(&slen, &sdots); >+ >+ return krb5_klog_syslog(LOG_NOTICE, >+ "Request: %s, %.*s%s, %s, " >+ "client=%.*s%s, service=%.*s%s, addr=%s", >+ op, tlen, target, tdots, errmsg, >+ clen, client->value, cdots, >+ slen, server->value, sdots, >+ inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); >+ } >+ > generic_ret * > create_principal_2_svc(cprinc_arg *arg, struct svc_req *rqstp) > { >*************** >*** 275,283 **** > || kadm5int_acl_impose_restrictions(handle->context, > &arg->rec, &arg->mask, rp)) { > ret.code = KADM5_AUTH_ADD; >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_principal", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } else { > ret.code = kadm5_create_principal((void *)handle, > &arg->rec, arg->mask, >--- 331,338 ---- > || kadm5int_acl_impose_restrictions(handle->context, > &arg->rec, &arg->mask, rp)) { > ret.code = KADM5_AUTH_ADD; >! log_unauth("kadm5_create_principal", prime_arg, >! &client_name, &service_name, rqstp); > } else { > ret.code = kadm5_create_principal((void *)handle, > &arg->rec, arg->mask, >*************** >*** 287,296 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_principal", >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > > /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ > } >--- 342,349 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_create_principal", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > > /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ > } >*************** >*** 341,349 **** > || kadm5int_acl_impose_restrictions(handle->context, > &arg->rec, &arg->mask, rp)) { > ret.code = KADM5_AUTH_ADD; >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_principal", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } else { > ret.code = kadm5_create_principal_3((void *)handle, > &arg->rec, arg->mask, >--- 394,401 ---- > || kadm5int_acl_impose_restrictions(handle->context, > &arg->rec, &arg->mask, rp)) { > ret.code = KADM5_AUTH_ADD; >! log_unauth("kadm5_create_principal", prime_arg, >! &client_name, &service_name, rqstp); > } else { > ret.code = kadm5_create_principal_3((void *)handle, > &arg->rec, arg->mask, >*************** >*** 355,364 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_principal", >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > > /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ > } >--- 407,414 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_create_principal", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > > /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ > } >*************** >*** 406,414 **** > || !kadm5int_acl_check(handle->context, rqst2name(rqstp), ACL_DELETE, > arg->princ, NULL)) { > ret.code = KADM5_AUTH_DELETE; >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_delete_principal", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } else { > ret.code = kadm5_delete_principal((void *)handle, arg->princ); > if( ret.code == 0 ) >--- 456,463 ---- > || !kadm5int_acl_check(handle->context, rqst2name(rqstp), ACL_DELETE, > arg->princ, NULL)) { > ret.code = KADM5_AUTH_DELETE; >! log_unauth("kadm5_delete_principal", prime_arg, >! &client_name, &service_name, rqstp); > } else { > ret.code = kadm5_delete_principal((void *)handle, arg->princ); > if( ret.code == 0 ) >*************** >*** 416,425 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_principal", >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > > /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ > } >--- 465,472 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_delete_principal", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > > /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ > } >*************** >*** 469,477 **** > || kadm5int_acl_impose_restrictions(handle->context, > &arg->rec, &arg->mask, rp)) { > ret.code = KADM5_AUTH_MODIFY; >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_modify_principal", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } else { > ret.code = kadm5_modify_principal((void *)handle, &arg->rec, > arg->mask); >--- 516,523 ---- > || kadm5int_acl_impose_restrictions(handle->context, > &arg->rec, &arg->mask, rp)) { > ret.code = KADM5_AUTH_MODIFY; >! log_unauth("kadm5_modify_principal", prime_arg, >! &client_name, &service_name, rqstp); > } else { > ret.code = kadm5_modify_principal((void *)handle, &arg->rec, > arg->mask); >*************** >*** 480,489 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_principal", >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > > /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ > } >--- 526,533 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_modify_principal", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > > /* no need to check for NULL. Even if it is NULL, atleast error_code will be returned */ > } >*************** >*** 546,554 **** > } else > ret.code = KADM5_AUTH_INSUFFICIENT; > if (ret.code != KADM5_OK) { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_rename_principal", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } else { > ret.code = kadm5_rename_principal((void *)handle, arg->src, > arg->dest); >--- 590,597 ---- > } else > ret.code = KADM5_AUTH_INSUFFICIENT; > if (ret.code != KADM5_OK) { >! log_unauth("kadm5_rename_principal", prime_arg, >! &client_name, &service_name, rqstp); > } else { > ret.code = kadm5_rename_principal((void *)handle, arg->src, > arg->dest); >*************** >*** 557,566 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_rename_principal", >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > free_server_handle(handle); > free(prime_arg1); >--- 600,607 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_rename_principal", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > } > free_server_handle(handle); > free(prime_arg1); >*************** >*** 614,622 **** > arg->princ, > NULL))) { > ret.code = KADM5_AUTH_GET; >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } else { > if (handle->api_version == KADM5_API_VERSION_1) { > ret.code = kadm5_get_principal_v1((void *)handle, >--- 655,662 ---- > arg->princ, > NULL))) { > ret.code = KADM5_AUTH_GET; >! log_unauth(funcname, prime_arg, >! &client_name, &service_name, rqstp); > } else { > if (handle->api_version == KADM5_API_VERSION_1) { > ret.code = kadm5_get_principal_v1((void *)handle, >*************** >*** 636,646 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, >! prime_arg, >! errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > > } > free_server_handle(handle); >--- 676,683 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done(funcname, prime_arg, errmsg, >! &client_name, &service_name, rqstp); > > } > free_server_handle(handle); >*************** >*** 688,696 **** > NULL, > NULL)) { > ret.code = KADM5_AUTH_LIST; >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_principals", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } else { > ret.code = kadm5_get_principals((void *)handle, > arg->exp, &ret.princs, >--- 725,732 ---- > NULL, > NULL)) { > ret.code = KADM5_AUTH_LIST; >! log_unauth("kadm5_get_principals", prime_arg, >! &client_name, &service_name, rqstp); > } else { > ret.code = kadm5_get_principals((void *)handle, > arg->exp, &ret.princs, >*************** >*** 700,710 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_principals", >! prime_arg, >! errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > > } > free_server_handle(handle); >--- 736,743 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_get_principals", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > > } > free_server_handle(handle); >*************** >*** 755,763 **** > ret.code = kadm5_chpass_principal((void *)handle, arg->princ, > arg->pass); > } else { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > ret.code = KADM5_AUTH_CHANGEPW; > } > >--- 788,795 ---- > ret.code = kadm5_chpass_principal((void *)handle, arg->princ, > arg->pass); > } else { >! log_unauth("kadm5_chpass_principal", prime_arg, >! &client_name, &service_name, rqstp); > ret.code = KADM5_AUTH_CHANGEPW; > } > >*************** >*** 767,776 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal", >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > > free_server_handle(handle); >--- 799,806 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_chpass_principal", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > } > > free_server_handle(handle); >*************** >*** 828,836 **** > arg->ks_tuple, > arg->pass); > } else { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_chpass_principal", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > ret.code = KADM5_AUTH_CHANGEPW; > } > >--- 858,865 ---- > arg->ks_tuple, > arg->pass); > } else { >! log_unauth("kadm5_chpass_principal", prime_arg, >! &client_name, &service_name, rqstp); > ret.code = KADM5_AUTH_CHANGEPW; > } > >*************** >*** 840,849 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_chpass_principal", >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > > free_server_handle(handle); >--- 869,876 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_chpass_principal", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > } > > free_server_handle(handle); >*************** >*** 892,900 **** > ret.code = kadm5_setv4key_principal((void *)handle, arg->princ, > arg->keyblock); > } else { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setv4key_principal", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > ret.code = KADM5_AUTH_SETKEY; > } > >--- 919,926 ---- > ret.code = kadm5_setv4key_principal((void *)handle, arg->princ, > arg->keyblock); > } else { >! log_unauth("kadm5_setv4key_principal", prime_arg, >! &client_name, &service_name, rqstp); > ret.code = KADM5_AUTH_SETKEY; > } > >*************** >*** 904,913 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setv4key_principal", >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > > free_server_handle(handle); >--- 930,937 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_setv4key_principal", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > } > > free_server_handle(handle); >*************** >*** 956,964 **** > ret.code = kadm5_setkey_principal((void *)handle, arg->princ, > arg->keyblocks, arg->n_keys); > } else { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > ret.code = KADM5_AUTH_SETKEY; > } > >--- 980,987 ---- > ret.code = kadm5_setkey_principal((void *)handle, arg->princ, > arg->keyblocks, arg->n_keys); > } else { >! log_unauth("kadm5_setkey_principal", prime_arg, >! &client_name, &service_name, rqstp); > ret.code = KADM5_AUTH_SETKEY; > } > >*************** >*** 968,977 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal", >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > > free_server_handle(handle); >--- 991,998 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_setkey_principal", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > } > > free_server_handle(handle); >*************** >*** 1023,1031 **** > arg->ks_tuple, > arg->keyblocks, arg->n_keys); > } else { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_setkey_principal", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > ret.code = KADM5_AUTH_SETKEY; > } > >--- 1044,1051 ---- > arg->ks_tuple, > arg->keyblocks, arg->n_keys); > } else { >! log_unauth("kadm5_setkey_principal", prime_arg, >! &client_name, &service_name, rqstp); > ret.code = KADM5_AUTH_SETKEY; > } > >*************** >*** 1035,1044 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_setkey_principal", >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > > free_server_handle(handle); >--- 1055,1062 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_setkey_principal", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > } > > free_server_handle(handle); >*************** >*** 1097,1105 **** > ret.code = kadm5_randkey_principal((void *)handle, arg->princ, > &k, &nkeys); > } else { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > ret.code = KADM5_AUTH_CHANGEPW; > } > >--- 1115,1122 ---- > ret.code = kadm5_randkey_principal((void *)handle, arg->princ, > &k, &nkeys); > } else { >! log_unauth(funcname, prime_arg, >! &client_name, &service_name, rqstp); > ret.code = KADM5_AUTH_CHANGEPW; > } > >*************** >*** 1119,1128 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > free_server_handle(handle); > free(prime_arg); >--- 1136,1143 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done(funcname, prime_arg, errmsg, >! &client_name, &service_name, rqstp); > } > free_server_handle(handle); > free(prime_arg); >*************** >*** 1185,1193 **** > arg->ks_tuple, > &k, &nkeys); > } else { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > ret.code = KADM5_AUTH_CHANGEPW; > } > >--- 1200,1207 ---- > arg->ks_tuple, > &k, &nkeys); > } else { >! log_unauth(funcname, prime_arg, >! &client_name, &service_name, rqstp); > ret.code = KADM5_AUTH_CHANGEPW; > } > >*************** >*** 1207,1216 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, >! prime_arg, errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > free_server_handle(handle); > free(prime_arg); >--- 1221,1228 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done(funcname, prime_arg, errmsg, >! &client_name, &service_name, rqstp); > } > free_server_handle(handle); > free(prime_arg); >*************** >*** 1253,1262 **** > rqst2name(rqstp), > ACL_ADD, NULL, NULL)) { > ret.code = KADM5_AUTH_ADD; >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_create_policy", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); >! > } else { > ret.code = kadm5_create_policy((void *)handle, &arg->rec, > arg->mask); >--- 1265,1273 ---- > rqst2name(rqstp), > ACL_ADD, NULL, NULL)) { > ret.code = KADM5_AUTH_ADD; >! log_unauth("kadm5_create_policy", prime_arg, >! &client_name, &service_name, rqstp); >! > } else { > ret.code = kadm5_create_policy((void *)handle, &arg->rec, > arg->mask); >*************** >*** 1265,1275 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_create_policy", >! ((prime_arg == NULL) ? "(null)" : prime_arg), >! errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >--- 1276,1284 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_create_policy", >! ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg, >! &client_name, &service_name, rqstp); > } > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >*************** >*** 1310,1318 **** > if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, > rqst2name(rqstp), > ACL_DELETE, NULL, NULL)) { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_delete_policy", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > ret.code = KADM5_AUTH_DELETE; > } else { > ret.code = kadm5_delete_policy((void *)handle, arg->name); >--- 1319,1326 ---- > if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, > rqst2name(rqstp), > ACL_DELETE, NULL, NULL)) { >! log_unauth("kadm5_delete_policy", prime_arg, >! &client_name, &service_name, rqstp); > ret.code = KADM5_AUTH_DELETE; > } else { > ret.code = kadm5_delete_policy((void *)handle, arg->name); >*************** >*** 1321,1331 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_delete_policy", >! ((prime_arg == NULL) ? "(null)" : prime_arg), >! errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >--- 1329,1337 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_delete_policy", >! ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg, >! &client_name, &service_name, rqstp); > } > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >*************** >*** 1366,1374 **** > if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, > rqst2name(rqstp), > ACL_MODIFY, NULL, NULL)) { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_modify_policy", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > ret.code = KADM5_AUTH_MODIFY; > } else { > ret.code = kadm5_modify_policy((void *)handle, &arg->rec, >--- 1372,1379 ---- > if (CHANGEPW_SERVICE(rqstp) || !kadm5int_acl_check(handle->context, > rqst2name(rqstp), > ACL_MODIFY, NULL, NULL)) { >! log_unauth("kadm5_modify_policy", prime_arg, >! &client_name, &service_name, rqstp); > ret.code = KADM5_AUTH_MODIFY; > } else { > ret.code = kadm5_modify_policy((void *)handle, &arg->rec, >*************** >*** 1378,1388 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_modify_policy", >! ((prime_arg == NULL) ? "(null)" : prime_arg), >! errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >--- 1383,1391 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_modify_policy", >! ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg, >! &client_name, &service_name, rqstp); > } > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >*************** >*** 1464,1478 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, funcname, >! ((prime_arg == NULL) ? "(null)" : prime_arg), >! errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } else { >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, funcname, >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >--- 1467,1478 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done(funcname, >! ((prime_arg == NULL) ? "(null)" : prime_arg), errmsg, >! &client_name, &service_name, rqstp); > } else { >! log_unauth(funcname, prime_arg, >! &client_name, &service_name, rqstp); > } > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >*************** >*** 1517,1525 **** > rqst2name(rqstp), > ACL_LIST, NULL, NULL)) { > ret.code = KADM5_AUTH_LIST; >! krb5_klog_syslog(LOG_NOTICE, LOG_UNAUTH, "kadm5_get_policies", >! prime_arg, client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } else { > ret.code = kadm5_get_policies((void *)handle, > arg->exp, &ret.pols, >--- 1517,1524 ---- > rqst2name(rqstp), > ACL_LIST, NULL, NULL)) { > ret.code = KADM5_AUTH_LIST; >! log_unauth("kadm5_get_policies", prime_arg, >! &client_name, &service_name, rqstp); > } else { > ret.code = kadm5_get_policies((void *)handle, > arg->exp, &ret.pols, >*************** >*** 1529,1539 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_policies", >! prime_arg, >! errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > } > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >--- 1528,1535 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_get_policies", prime_arg, errmsg, >! &client_name, &service_name, rqstp); > } > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >*************** >*** 1573,1583 **** > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE, "kadm5_get_privs", >! client_name.value, >! errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr)); > > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >--- 1569,1576 ---- > else > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); > >! log_done("kadm5_get_privs", client_name.value, errmsg, >! &client_name, &service_name, rqstp); > > free_server_handle(handle); > gss_release_buffer(&minor_stat, &client_name); >*************** >*** 1594,1599 **** >--- 1587,1594 ---- > kadm5_server_handle_t handle; > OM_uint32 minor_stat; > char *errmsg = 0; >+ size_t clen, slen; >+ char *cdots, *sdots; > > xdr_free(xdr_generic_ret, &ret); > >*************** >*** 1612,1625 **** > > if (ret.code != 0) > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); >! krb5_klog_syslog(LOG_NOTICE, LOG_DONE ", flavor=%d", >! (ret.api_version == KADM5_API_VERSION_1 ? >! "kadm5_init (V1)" : "kadm5_init"), >! client_name.value, >! (ret.code == 0) ? "success" : errmsg, >! client_name.value, service_name.value, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr), >! rqstp->rq_cred.oa_flavor); > gss_release_buffer(&minor_stat, &client_name); > gss_release_buffer(&minor_stat, &service_name); > >--- 1607,1628 ---- > > if (ret.code != 0) > errmsg = krb5_get_error_message(handle ? handle->context : NULL, ret.code); >! else >! errmsg = "success"; >! >! clen = client_name.length; >! trunc_name(&clen, &cdots); >! slen = service_name.length; >! trunc_name(&slen, &sdots); >! krb5_klog_syslog(LOG_NOTICE, "Request: %s, %.*s%s, %s, " >! "client=%.*s%s, service=%.*s%s, addr=%s, flavor=%d", >! (ret.api_version == KADM5_API_VERSION_1 ? >! "kadm5_init (V1)" : "kadm5_init"), >! clen, client_name.value, cdots, errmsg, >! clen, client_name.value, cdots, >! slen, service_name.value, sdots, >! inet_ntoa(rqstp->rq_xprt->xp_raddr.sin_addr), >! rqstp->rq_cred.oa_flavor); > gss_release_buffer(&minor_stat, &client_name); > gss_release_buffer(&minor_stat, &service_name); > >*** src/kdc/do_tgs_req.c (revision 19480) >--- src/kdc/do_tgs_req.c (local) >*************** >*** 491,518 **** > newtransited = 1; > } > if (!isflagset (request->kdc_options, KDC_OPT_DISABLE_TRANSITED_CHECK)) { > errcode = krb5_check_transited_list (kdc_context, > &enc_tkt_reply.transited.tr_contents, > krb5_princ_realm (kdc_context, header_ticket->enc_part2->client), > krb5_princ_realm (kdc_context, request->server)); > if (errcode == 0) { > setflag (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED); > } else if (errcode == KRB5KRB_AP_ERR_ILL_CR_TKT) > krb5_klog_syslog (LOG_INFO, >! "bad realm transit path from '%s' to '%s' via '%.*s'", > cname ? cname : "<unknown client>", > sname ? sname : "<unknown server>", >! enc_tkt_reply.transited.tr_contents.length, >! enc_tkt_reply.transited.tr_contents.data); > else { > const char *emsg = krb5_get_error_message(kdc_context, errcode); > krb5_klog_syslog (LOG_ERR, >! "unexpected error checking transit from '%s' to '%s' via '%.*s': %s", > cname ? cname : "<unknown client>", > sname ? sname : "<unknown server>", >! enc_tkt_reply.transited.tr_contents.length, > enc_tkt_reply.transited.tr_contents.data, >! emsg); > krb5_free_error_message(kdc_context, emsg); > } > } else >--- 491,528 ---- > newtransited = 1; > } > if (!isflagset (request->kdc_options, KDC_OPT_DISABLE_TRANSITED_CHECK)) { >+ unsigned int tlen; >+ char *tdots; >+ > errcode = krb5_check_transited_list (kdc_context, > &enc_tkt_reply.transited.tr_contents, > krb5_princ_realm (kdc_context, header_ticket->enc_part2->client), > krb5_princ_realm (kdc_context, request->server)); >+ tlen = enc_tkt_reply.transited.tr_contents.length; >+ tdots = tlen > 125 ? "..." : ""; >+ tlen = tlen > 125 ? 125 : tlen; >+ > if (errcode == 0) { > setflag (enc_tkt_reply.flags, TKT_FLG_TRANSIT_POLICY_CHECKED); > } else if (errcode == KRB5KRB_AP_ERR_ILL_CR_TKT) > krb5_klog_syslog (LOG_INFO, >! "bad realm transit path from '%s' to '%s' " >! "via '%.*s%s'", > cname ? cname : "<unknown client>", > sname ? sname : "<unknown server>", >! tlen, >! enc_tkt_reply.transited.tr_contents.data, >! tdots); > else { > const char *emsg = krb5_get_error_message(kdc_context, errcode); > krb5_klog_syslog (LOG_ERR, >! "unexpected error checking transit from " >! "'%s' to '%s' via '%.*s%s': %s", > cname ? cname : "<unknown client>", > sname ? sname : "<unknown server>", >! tlen, > enc_tkt_reply.transited.tr_contents.data, >! tdots, emsg); > krb5_free_error_message(kdc_context, emsg); > } > } else >*************** >*** 542,547 **** >--- 552,560 ---- > if (!krb5_principal_compare(kdc_context, request->server, client2)) { > if ((errcode = krb5_unparse_name(kdc_context, client2, &tmp))) > tmp = 0; >+ if (tmp != NULL) >+ limit_string(tmp); >+ > krb5_klog_syslog(LOG_INFO, > "TGS_REQ %s: 2ND_TKT_MISMATCH: " > "authtime %d, %s for %s, 2nd tkt client %s", >*************** >*** 816,821 **** >--- 829,835 ---- > krb5_klog_syslog(LOG_INFO, > "TGS_REQ: issuing alternate <un-unparseable> TGT"); > } else { >+ limit_string(sname); > krb5_klog_syslog(LOG_INFO, > "TGS_REQ: issuing TGT %s", sname); > free(sname); >*** src/kdc/kdc_util.c (revision 19480) >--- src/kdc/kdc_util.c (local) >*************** >*** 404,409 **** >--- 404,410 ---- > > krb5_db_free_principal(kdc_context, &server, nprincs); > if (!krb5_unparse_name(kdc_context, ticket->server, &sname)) { >+ limit_string(sname); > krb5_klog_syslog(LOG_ERR,"TGS_REQ: UNKNOWN SERVER: server='%s'", > sname); > free(sname); >*** src/lib/kadm5/logger.c (revision 19480) >--- src/lib/kadm5/logger.c (local) >*************** >*** 45,51 **** > #include <varargs.h> > #endif /* HAVE_STDARG_H */ > >! #define KRB5_KLOG_MAX_ERRMSG_SIZE 1024 > #ifndef MAXHOSTNAMELEN > #define MAXHOSTNAMELEN 256 > #endif /* MAXHOSTNAMELEN */ >--- 45,51 ---- > #include <varargs.h> > #endif /* HAVE_STDARG_H */ > >! #define KRB5_KLOG_MAX_ERRMSG_SIZE 2048 > #ifndef MAXHOSTNAMELEN > #define MAXHOSTNAMELEN 256 > #endif /* MAXHOSTNAMELEN */ >*************** >*** 261,267 **** > #endif /* HAVE_SYSLOG */ > > /* Now format the actual message */ >! #if HAVE_VSPRINTF > vsprintf(cp, actual_format, ap); > #else /* HAVE_VSPRINTF */ > sprintf(cp, actual_format, ((int *) ap)[0], ((int *) ap)[1], >--- 261,269 ---- > #endif /* HAVE_SYSLOG */ > > /* Now format the actual message */ >! #if HAVE_VSNPRINTF >! vsnprintf(cp, sizeof(outbuf) - (cp - outbuf), actual_format, ap); >! #elif HAVE_VSPRINTF > vsprintf(cp, actual_format, ap); > #else /* HAVE_VSPRINTF */ > sprintf(cp, actual_format, ((int *) ap)[0], ((int *) ap)[1], >*************** >*** 850,856 **** > syslogp = &outbuf[strlen(outbuf)]; > > /* Now format the actual message */ >! #ifdef HAVE_VSPRINTF > vsprintf(syslogp, format, arglist); > #else /* HAVE_VSPRINTF */ > sprintf(syslogp, format, ((int *) arglist)[0], ((int *) arglist)[1], >--- 852,860 ---- > syslogp = &outbuf[strlen(outbuf)]; > > /* Now format the actual message */ >! #ifdef HAVE_VSNPRINTF >! vsnprintf(syslogp, sizeof(outbuf) - (syslogp - outbuf), format, arglist); >! #elif HAVE_VSPRINTF > vsprintf(syslogp, format, arglist); > #else /* HAVE_VSPRINTF */ > sprintf(syslogp, format, ((int *) arglist)[0], ((int *) arglist)[1], >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=149633">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 231528
: 149633