[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: smbk5pwd crash for missing symbol

Guillaume Rousse wrote:
Love Hörnquist Åstrand a écrit :
27 maj 2008 kl. 02.18 skrev Guillaume Rousse:

I tried this approach (patch attached).

Converting _kadm5_free_keys to hdb_free_keys is trivial, as the former
is just a wrapper over the second.

However, converting _kadm5_set_keys to hdb_generate_key_set_password
is much more difficult. I first tried to inline all code from
_kadm5_set_keys in smbk5pwd.c. However, gcc complains about "request
for member ‘context’ in something not a structure or union" because it
doesn't have any clue about the nature of kadm_context, which is a
void ponter for smbk5pwd. Trying to cast it as a kadm5_server_context
pointer fails, as this seems also to be a private heimdal structure...

Given my lack of C knowledge, I'm a bit stuck there.
You can use the krb5_contex that is global in the module, just change
the code to use context instead of kadm5_context.
Slightly better but I still can't access its members:
smbk5pwd.c:416: error: dereferencing pointer to incomplete type

The kadm5_context.db field is already available as "db" in this module, there is no need to dereference anything else to get it.

Looking at your patch, exactly duplicating all of _kadm5_set_keys' behavior is the wrong approach. The hdb entry being operated on will not get written back to any DB using the hdb APIs, so hdb_entry_set_pw_change_time()/hdb_entry_set_password() will not accomplish anything. If you want to support those features you have to create appropriate Modify subops for them to attach to the Modification that's being assembled. That also means retrieving the appropriate AttributeDescriptions corresponding to whatever LDAP attribute Heimdal normally uses to store those fields. Note that Heimdal's hdb-ldap.c doesn't actually touch any of the HDB_extension fields in the HDB entry, so hdb_entry_set_password() is futile anyway.

According to my understanding, kadm_context type is a pointer to an
internally-defined krb5_context_data structure.

Inlining private function is not straightforward, especially for dumb C
programmers :)

It takes more than a basic understanding of C syntax to write code. You have to also take the time to understand the overall purpose of the code you're working with.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/