Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)

To: "John D. Baker" <jdbaker%mylinuxisp.com@localhost>, Richard PALO <richard%netbsd.org@localhost>
Subject: Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
From: Mark Davies <mark%ecs.vuw.ac.nz@localhost>
Date: Thu, 29 Sep 2016 12:59:46 +1300



On 28/09/16 09:44, John D. Baker wrote:

Well, previous wireshark versions (up to v2.0.4 in pkgsrc-2016Q2) were
happy with the builtin "heimdal" krb5 implementation, but v2.2.0 in
HEAD/pkgsrc-2016Q3 is not, so it limits "KRB5_ACCEPTED" to "mit-krb5"
only and explicitly depends on "security/mit-krb5" via its "buildlink3.mk".

nobody has come up with a fix for it yet?


Apparently not, although

  http://mail-index.NetBSD.org/pkgsrc-users/2016/09/21/msg023779.html

seems to imply that it is an issue to be investigated.

I just looked at this and the defines that are clashing with heimdal,while being set, aren't actually used anywhere in wireshark so theattached patches allow it to build.


cheers
mark

$NetBSD$

#if 0 out some defines that clash with heimdal but wireshark doesn't
actually use.  Allows build with heimdal

--- epan/dissectors/packet-kerberos.c.orig	2016-09-07 16:59:03.000000000 +0000
+++ epan/dissectors/packet-kerberos.c
@@ -1068,6 +1068,7 @@ decrypt_krb5_data(proto_tree *tree, pack
 #define KRB5_MSG_ENC_KRB_CRED_PART	29	/* EncKrbCredPart */
 #define KRB5_MSG_ERROR			30	/* KRB-ERROR type */
 
+#if 0
 /* encryption type constants */
 #define KRB5_ENCTYPE_NULL		0
 #define KRB5_ENCTYPE_DES_CBC_CRC	1
@@ -1103,6 +1104,7 @@ decrypt_krb5_data(proto_tree *tree, pack
 #define KRB5_ENCTYPE_RC4_LM		0xffffff7e
 #define KRB5_ENCTYPE_RC4_PLAIN2		0xffffff7f
 #define KRB5_ENCTYPE_RC4_MD4		0xffffff80
+#endif
 
 /* checksum types */
 #define KRB5_CHKSUM_NONE		0

$NetBSD$

#if 0 out some defines that clash with heimdal but wireshark doesn't
actually use.  Allows build with heimdal

--- epan/dissectors/packet-kerberos.h.orig	2016-09-07 16:59:03.000000000 +0000
+++ epan/dissectors/packet-kerberos.h
@@ -108,6 +108,7 @@ void read_keytab_file_from_preferences(v
 
 #endif /* HAVE_KERBEROS */
 
+#if 0
 /* encryption type constants */
 #define KRB5_ENCTYPE_NULL		0
 #define KRB5_ENCTYPE_DES_CBC_CRC	1
@@ -128,8 +129,10 @@ void read_keytab_file_from_preferences(v
 #define KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96 17
 #define KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96 18
 #define KRB5_ENCTYPE_DES_CBC_MD5_NT	20
+#endif
 #define KERB_ENCTYPE_RC4_HMAC		23
 #define KERB_ENCTYPE_RC4_HMAC_EXP	24
+#if 0
 #define KRB5_ENCTYPE_UNKNOWN		0x1ff
 #define KRB5_ENCTYPE_LOCAL_DES3_HMAC_SHA1	0x7007
 #define KRB5_ENCTYPE_RC4_PLAIN_EXP	0xffffff73
@@ -143,7 +146,7 @@ void read_keytab_file_from_preferences(v
 #define KRB5_ENCTYPE_RC4_LM		0xffffff7e
 #define KRB5_ENCTYPE_RC4_PLAIN2		0xffffff7f
 #define KRB5_ENCTYPE_RC4_MD4		0xffffff80
-
+#endif
 
 /*--- Included file: packet-kerberos-exp.h ---*/
 #line 1 "./asn1/kerberos/packet-kerberos-exp.h"

Follow-Ups:
- Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: John D. Baker

References:
- heimdal builtin busted?
  - From: Richard PALO
- krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: Richard PALO
- Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: Richard PALO
- Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: John D. Baker
- Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: Richard PALO
- Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: John D. Baker

Prev by Date: alternate distfiles per package and PHP (php-ssh2)
Next by Date: daily pkgsrc CVS update output
Previous by Thread: Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
Next by Thread: Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
Indexes:

Home | Main Index | Thread Index | Old Index