Re: smbk5pwd crash for missing symbol

[Guillaume Rousse <Guillaume.Rousse@inria.fr>]

Love HÃrnquist Ãstrand a Ãcrit :
> 26 maj 2008 kl. 08.27 skrev Guillaume Rousse:
>
> > Hello list(s).
> >
> > I'm having a crash as soon as I attempt to change my password when 
> > smbk5pwd is activating. strace shows an unresolved symbol in 
> > smbk5pwd.so:  _kadm5_free_keys
> >
> > Heimdal source code shows this function is defined in libkadm5srv.so 
> > (/usr/lib/libkadm5srv.so.8.0.1) for heimdal 1.1. But this seems to be 
> > a private symbol, as objdump -T doesn't list it. Looking at heimdal 
> > Makefile.am, it seems a special configuration file is used 
> > (lib/krb5/version-script.map) to filter exported symbols, if linker 
> > support the use of -Wl,--version-script option. I couldn't find any 
> > description  of this option.
> >
> > Is this possible smbk5pwd author would have by mistake used a private 
> > function, only working because he build heimdal on a host whose linker 
> > doesn't support --version-script option ?
> >
> > I'm using heimdal 1.1 and openldap 2.4.8 on mandriva linux.
>
>
> I unexported the function since there was no function that returned key 
> set-data.
>
> Same goes for _kadm5_set_keys() that also is an internal function.
>
> Since 1.0 you can use hdb_generate_key_set_password and hdb_free_keys to 
> generate the key data.
I tried this approach (patch attached).

Converting _kadm5_free_keys to hdb_free_keys is trivial, as the former 
is just a wrapper over the second.

However, converting _kadm5_set_keys to hdb_generate_key_set_password is 
much more difficult. I first tried to inline all code from 
_kadm5_set_keys in smbk5pwd.c. However, gcc complains about "request for 
member âcontextâ in something not a structure or union" because it 
doesn't have any clue about the nature of kadm_context, which is a void 
ponter for smbk5pwd. Trying to cast it as a kadm5_server_context pointer 
fails, as this seems also to be a private heimdal structure...

Given my lack of C knowledge, I'm a bit stuck there.
--
Guillaume Rousse
Moyens Informatiques - INRIA Futurs
Tel: 01 69 35 69 62

--- smbk5pwd.c~	2008-02-12 00:34:15.000000000 +0100
+++ smbk5pwd.c	2008-05-27 10:59:32.000000000 +0200
@@ -368,6 +368,8 @@
 		struct berval *keys;
 		int kvno, i;
 		Attribute *a;
+		Key *local_keys;
+		size_t local_num_keys;
 
 		if ( !SMBK5PWD_DO_KRB5( pi ) ) break;
 
@@ -396,7 +398,27 @@
 				op->o_log_prefix, e->e_name.bv_val, 0 );
 		}
 
-		ret = _kadm5_set_keys(kadm_context, &ent, qpw->rs_new.bv_val);
+		/* _kadm5_set_keys is a private function, inline its code here */
+		ret = hdb_generate_key_set_password(kadm_context->context,
+			ent.principal, qpw->rs_new.bv_val,
+			&local_keys, &local_num_keys);
+		if (ret != 0)
+			break;
+
+		hdb_free_keys(kadm_context->context, ent.keys.len, ent.keys.val);
+		ent.keys.val = local_keys;
+		ent.keys.len = local_num_keys;
+
+		hdb_entry_set_pw_change_time(kadm_context->context, &ent, 0);
+
+		if (krb5_config_get_bool_default(kadm_context->context, NULL, FALSE,
+			"kadmin", "save-password", NULL)) {
+			ret = hdb_entry_set_password(kadm_context->context,
+				kadm_context->db, &ent, qpw->rs_new.bv_val);
+			if (ret != 0)
+				break;
+		}
+
 		hdb_seal_keys(context, db, &ent);
 		krb5_free_principal( context, ent.principal );
 
@@ -415,7 +437,7 @@
 		}
 		BER_BVZERO( &keys[i] );
 
-		_kadm5_free_keys(kadm_context, ent.keys.len, ent.keys.val);
+		hdb_free_keys(kadm_context, ent.keys.len, ent.keys.val);
 
 		if ( i != ent.keys.len ) {
 			ber_bvarray_free( keys );