Subject: lib/10666: getaddrinfo(3) fails if called with ai_socktype = ai_protocol = 0
To: None <>
From: None <>
List: netbsd-bugs
Date: 07/24/2000 10:24:11
>Number:         10666
>Category:       lib
>Synopsis:       getaddrinfo(3) fails if called with ai_socktype = ai_protocol = 0
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jul 24 10:24:00 PDT 2000
>Originator:     Rene Hexel
>Release:        NetBSD-1.5_ALPHA and -current as of 2000-07-19
System: NetBSD 1.5_ALPHA NetBSD 1.5_ALPHA (CETI) #1: Wed Jul 19 12:59:17 CEST 2000 i386

	When called with a zero-filled addrinfo hints structure, getaddrinfo(3)
currently fails with EAI_SERVICE despite the manual page claiming that
ai_socktype and ai_protocol may be zero.  This specific problem causes
kpasswd(8) to fail, because roken_getaddrinfo_hostspec() in
basesrc/crypto/dist/heimdal/lib/roken/getaddrinfo_hostspec.c passes
exactly such a structure when called with the default kerberos5 server
name "kerberos.<mydomain>" (without a leading "tcp/", "udp/", etc. prefix).

	Set up kerberos, make sure your krb5.conf does *not* contain an
	"admin_server = foo" line.

	Now try changing any password using "kpasswd" and wonder why you
	always get

	kpasswd: krb5_change_password: Bad file descriptor

	After some investigation, discover that EBADF which causes this
	bogus error message has the same numerical value as EAI_SERVICE
	as returned by getaddrinfo(3).

	Make getaddrinfo(3) treat a zero-filled addrinfo hints structure the
	same way as a NULL addrinfo structure.

	Alternatively (if this is not desired), fix
	roken_getaddrinfo_hostspec() to pass a NULL hints structure instead of
	a zero-filled addrinfo if a given host is not prefixed with a matching

	Workaround: until this is fixed, always specify
	"admin_server = protocol/server.domain" in your /etc/krb5.conf