Subject: Re: KerberosIV for non-US citizens
To: None <>
From: John C. Hayward <>
List: current-users
Date: 07/13/1995 23:28:36
  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Type: TEXT/PLAIN; CHARSET=iso-8859-1

On Thu, 13 Jul 1995 wrote:

> Hi,
> I've been spending some time lately getting basic KerberosIV to
> compile cleanly on NetBSD-1.0 and NetBSD-current.  The results of
> this can be found in
Thanks for your work.  Last fall

"Mark P. Gooderum" <>

had also done a port of KerberosIV to NetBSD.  Reciently I was doing some 
work on Kerberos (got confused with difference between master password and
admin password on kadmin) and wanted to look at the source.  Unfortunatly
I had managed to lose the kadmin sources so I picked up your tree.

I had one minor problem in building it - for some reason my LEX in 
/usr/share/mk/??? is lex and flex is what it seemed to need and -fl
library rather than -l.  This may be because I am not current.

I also noticed that register and friends were commented out.  It looks
like these would be quite helpful in allowing users to register themselves.

There also seems to be a bug introduced in kdb_util.  kdb_util load seems
to write to the temporary file but not update the actual file.  There is
I think at least one bug in the code of kdb_util.c

"Mark P. Gooderum" code:
    char *temp_db_file;
    temp1 = strlen(db_file) + 2; 
    temp_db_file = malloc (temp1);
    strcpy(temp_db_file, db_file);
    strcat(temp_db_file, "~"); code:
    char *temp_db_file;
    temp1 = strlen(db_file+2);
    temp_db_file = malloc (temp1); 
    strcpy(temp_db_file, db_file);  
    strcat(temp_db_file, "~");  

It looks to me that the paren is in the wrong place (isn't C wonderfull!)
resulting in a memory allocation which is 4 bytes shorter than what is 
needed.  With these kind of undetected runtime errors this may or may not
cause the problem with kdb_util load I was seeing.

I also noted that in kdb_edit.c
"Mark P. Gooderum" code:
                if (pw_str[0] == '\0' || !strcmp(pw_str, "RANDOM")) {
which allows one to enter an empty password and you get prompted if
you want a RANDOM password.  I found this nice when entering a set of
rcmd entries for a lab of work stations.

Maybe Mark could make his port available again and someone could do
a diff to find other bugs/features between these two ports.

For anyone interested I have a kerberized version of xdm.  It took me a long
time to figure out why what I had done did not work.  My problem was I forgot
to include the des library in the configuration and NetBSD dynamic libraries
do not complain in certain situations about unresolved references until 
runtime and since xdm was managing the screen the runtime error message
was lost.  Running xdm from a remote location revealed my problem.