Subject: bin/3616: kerberos server uses wrong port
To: None <gnats-bugs@gnats.netbsd.org>
From: Chris Jones <cjones@rupert.oscs.montana.edu>
List: netbsd-bugs
Date: 05/13/1997 16:40:26
>Number:         3616
>Category:       bin
>Synopsis:       the kerberos server uses port 'kerberos' instead of 'kerberos4'
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue May 13 15:50:01 1997
>Last-Modified:
>Originator:     Chris Jones
>Organization:
-------------------------------------------------------------------------------
Chris Jones                                      cjones@rupert.oscs.montana.edu
           Mad scientist in training...
"Is this going to be a stand-up programming session, sir, or another bug hunt?"
>Release:        1.2
>Environment:
	
System: NetBSD rupert.oscs.montana.edu 1.2C NetBSD 1.2C (RUPERT) #0: Sun Feb 23 13:39:51 MST 1997 cjones@rupert.oscs.montana.edu:/home/src/current/sys/arch/mac68k/compile/RUPERT mac68k

(Using -current's domestic distribution.)

>Description:
Apparently, a lot of kerberosIV clients, including NetBSD's, use
750/tcp to speak to the server.  However, Macintoshes are one example
of clients that use 750/udp.  When the mac tries to authenticate
itself, it sends to 750/udp as it should.  However, the kerberos
daemon is listening on port 'kerberos' from /etc/services, not
'kerberos4'; consequently, it never hears the client's request.  If
the server is, in fact, kerberos 4 instead of kerberos 5, it should
listen on the kerberos4 port.
	
>How-To-Repeat:
Using libraries, headers, and binaries from -current compiled today.
Also using a variety of Macintosh kerberos clients, notably
Authentication Manager v1.0.9A.
	
>Fix:
(This is /usr/src/domestic/usr.sbin/kerberos/kerberos.c.)

*** kerberos.c~	Sun Feb 16 05:08:04 1997
--- kerberos.c	Tue May 13 16:22:26 1997
***************
*** 737,743 ****
  	exit(1);
      }
  
!     if ((sp = getservbyname("kerberos", "udp")) == 0) {
  	fprintf(stderr, "%s: udp/kerberos unknown service\n", progname);
  	exit(1);
      }
--- 737,743 ----
  	exit(1);
      }
  
!     if ((sp = getservbyname("kerberos4", "udp")) == 0) {
  	fprintf(stderr, "%s: udp/kerberos unknown service\n", progname);
  	exit(1);
      }
>Audit-Trail:
>Unformatted: