[Bug 508] Krb4/AFS token passing doesn't work because of mkstemp

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Mar 13 08:50:58 EST 2003


           Summary: Krb4/AFS token passing doesn't work because of mkstemp
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: openssh-unix-dev at mindrot.org
        ReportedBy: ksulliva at psc.edu

In auth-krb4.c, in krb4_init(), we have:
        if ((fd = mkstemp(authctxt->krb4_ticket_file)) != -1) {

which tries to create a temporary file to hold kerberos tickets.  This file is
created some lines above by:
        snprintf(authctxt->krb4_ticket_file, MAXPATHLEN, "%s%u_%ld",
So, mkstemp() is passes something like "/tmp/tkt9036_6294", with no Xs at the end.

On a RedHat 8.0, mkstemp() will fail if the file template does not end with at
least 6 Xs.

To fix this, replace the mkstemp line with:

if ((fd = open(authctxt->krb4_ticket_file, O_RDWR|O_CREAT|O_EXCL, 0x600)) != -1) {

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-unix-dev mailing list