On 2025-09-28 07:21, Greg Hudson wrote:
On 9/27/25 06:17, Osipov, Michael (IN IT IN) via Kerberos wrote:
(gdb) where
#0 0x60000000c8a788d0:0 in get_tag () at asn1_encode.c:370
#1 0x60000000c8a79f70:0 in split_der () at asn1_encode.c:605
[...]
777 encode_run(req, "pa_pk_as_req", "",
acc.encode_krb5_pa_pk_as_req);
I'd be interested in the stack trace going back to near this call site--
specifically, which encode_krb5_*() function is called.
The reason I ask is that encode_krb5_pa_pk_as_req() should not reach
split_der(). So I wonder if a different function is being executed
somehow, like encode_krb5_auth_pack().
If I'm right, then we'll have the mystery of why
acc_encode_krb5_pa_pk_as_req contains the wrong function pointer. The
structure is populated by krb5int_accessor().
I can both functions through the preprocessor. May this helps:
krb5_error_code
krb5int_accessor(krb5int_access *internals, krb5_int32 version)
{
if (version == (((krb5_int32)((sizeof(krb5int_access) & 0xFFFF) | (23 << 16)))
& 0xFFFFFFFF)) {
static const krb5int_access internals_temp = {
. auth_con_get_subkey_enctype = krb5_auth_con_get_subkey_enctype,
. ser_pack_int64 = krb5_ser_pack_int64,
. ser_unpack_int64 = krb5_ser_unpack_int64,
. asn1_ldap_encode_sequence_of_keys = 0,
. asn1_ldap_decode_sequence_of_keys = 0,
. encode_krb5_pa_pk_as_req = encode_krb5_pa_pk_as_req,
. encode_krb5_pa_pk_as_rep = encode_krb5_pa_pk_as_rep,
. encode_krb5_auth_pack = encode_krb5_auth_pack,
. encode_krb5_kdc_dh_key_info = encode_krb5_kdc_dh_key_info,
. encode_krb5_reply_key_pack = encode_krb5_reply_key_pack,
. encode_krb5_td_trusted_certifiers =
encode_krb5_td_trusted_certifiers,
. encode_krb5_td_dh_parameters = encode_krb5_td_dh_parameters,
. decode_krb5_pa_pk_as_req = decode_krb5_pa_pk_as_req,
. decode_krb5_pa_pk_as_rep = decode_krb5_pa_pk_as_rep,
. decode_krb5_auth_pack = decode_krb5_auth_pack,
. decode_krb5_kdc_dh_key_info = decode_krb5_kdc_dh_key_info,
. decode_krb5_principal_name = decode_krb5_principal_name,
. decode_krb5_reply_key_pack = decode_krb5_reply_key_pack,
. decode_krb5_td_trusted_certifiers =
decode_krb5_td_trusted_certifiers,
. decode_krb5_td_dh_parameters = decode_krb5_td_dh_parameters,
. encode_krb5_kdc_req_body = encode_krb5_kdc_req_body,
. free_kdc_req = krb5_free_kdc_req,
. set_prompt_types = k5_set_prompt_types,
};
*internals = internals_temp;
return 0;
}
return (-1765328146L);
}
and
{
krb5_pa_pk_as_req req;
ktest_make_sample_pa_pk_as_req(&req);
retval = acc . encode_krb5_pa_pk_as_req(&(req),&(code)); if (retval) { com_err("krb5_encode_test",
retval,"while encoding %s", "pa_pk_as_req"); exit(1); } encoder_print_results(code, "pa_pk_as_req",
""); ktest_empty_pa_pk_as_req(&req);
}
Michael
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
