MITKerberosShim lies harmfully

Originator:shadow
Number:rdar://9824412 Date Originated:
Status: Resolved:
Product:MacOS Product Version:10.7.0
Classification: Reproducible:
 
Summary:

To replace MIT Kerberos with Heimdal, the MITKerberosShim was introduced. it layers the MIT and Kerberos Login APIs on Heimdal. Sadly, incompletely, but it logs when it doesn't implement something, and returns a dummy return code.

unfortunately, a large number of those return codes are 0 (success), so an application links, runs, may believe it's doing things that succeed, and then crash.

Steps to Reproduce:
call any of the manifold functions in dummy.c in MITKerberosShim which hardcode a 0 return

Expected Results:
if they claim success, actually doing what they claim to do

Actual Results:
a log message and no processing whatsoever.

Regression:
worked in 10.6, since it was a real kerberos library that did something. basically any call that doesn't either return an error or do cleanup and thus not actually need to clean up since the setup function was also stubbed is now broken.

Notes:
The list of functions in this file needs a comprehensive look to see what errors should be returned; 0 is returned in nearly all, and is a bad choice for most of those.

Comments

asked for a set of errors, i replied: Based on review of the original MIT code which is now replaced by this shim, I believe this would be a reasonable set of errors.

gss_str_to_oid, GSS_S_FAILURE gss_krb5_get_tkt_flags, GSS_S_NO_CONTEXT gss_sign, GSS_S_UNAVAILABLE gss_inquire_mechs_for_name, GSS_S_FAILURE gss_verify, GSS_S_UNAVAILABLE krb524_convert_creds_kdc, ENOMEM krb5_425_conv_principal, ENOMEM krb5_524_conv_principal, ENOMEM krb5_524_convert_creds, ENOMEM krb5_auth_con_getrecvsubkey, ENOMEM krb5_auth_con_getsendsubkey, ENOMEM krb5_build_principal_alloc_va, ENOMEM krb5_build_principal_va, ENOMEM krb5_cc_copy_creds, KRB5_CC_NOMEM krb5_cc_move, KRB5_CC_READONLY krb5_get_credentials_renew, ENOMEM krb5_get_credentials_validate, ENOMEM krb5_mk_1cred, ENOMEM krb5_mk_error, ENOMEM krb5_mk_ncred, ENOMEM krb5_mk_rep, ENOMEM krb5_pkinit_get_client_cert, ENOMEM krb5_pkinit_get_client_cert_db, ENOMEM krb5_pkinit_get_kdc_cert, ENOMEM krb5_pkinit_get_kdc_cert_db, ENOMEM krb5_pkinit_set_client_cert, ENOMEM krb5_rd_cred, ENOMEM krb5_rd_error, ENOMEM krb5_rd_rep, ENOMEM krb5_unparse_name_ext, ENOMEM krb5_unparse_name_flags, ENOMEM krb5_unparse_name_flags_ext, ENOMEM krb5int_accessor, KRB5_OBSOLETE_FN krb5int_init_context_kdc, ENOMEM krb5int_pkinit_auth_pack_decode, ENOMEM krb5int_pkinit_create_cms_msg, ENOMEM krb5int_pkinit_pa_pk_as_rep_encode, ENOMEM krb5int_pkinit_pa_pk_as_req_decode, ENOMEM krb5int_pkinit_parse_cms_msg, ENOMEM krb5int_pkinit_reply_key_pack_encode, ENOMEM

By shadow at July 25, 2011, 6:56 p.m. (reply...)

Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!