[OpenAFS-devel] Minimum autoconf version
Troy Benjegerdes
hozer@hozed.org
Tue, 5 Jul 2005 00:17:09 -0500
On Tue, Jul 05, 2005 at 01:09:45AM -0400, Jeffrey Altman wrote:
> Troy Benjegerdes wrote:
> > On Fri, Jul 01, 2005 at 02:28:13PM -0400, Ken Hornstein wrote:
> >
> >>What's the minimum autoconf version that we are using with OpenAFS?
> >>
> >>I ask because in the autoconf glue I did for aklog, I started getting
> >>complaints because I used AC_ARG_VAR and apparantly some people out
> >>there (you know who you are) were still using autoconf 2.13, which
> >>didn't have it. I'm wondering if we can all agree on what the minimum
> >>autoconf version is and standardize on it with AC_PREREQ (I'm hoping it
> >>will be something newer than 2.13). I also noticed that the configure
> >>behavior is different for some macros between 2.13 and later versions
> >>(specifically, the tests done when doing AC_CHECK_HEADERS seems to be
> >>more comprehensive in later version of autoconf), and that complicated
> >>things when I was writing the autoconf tests; that's why I'd like to
> >>get the autoconf version mess straightened out.
> >
> >
> > FYI, when using Kerberos V5 native tickets, 'user/admin' type principals
> > don't resolve to 'user.admin' afs ID's, only 'user'.
> >
> > Using -524 gets the regular krb5 user.admin ticket, so it works.
>
> That means that 524 is a security hole.
Hrrm? hasn't the 'user/admin' kerberos ticket to 'user.admin' AFS id
always been standard?
FYI, after reading the source a bit, the following fixes the native K5
stuff..
@@ -622,7 +623,7 @@
strncpy(username, get_princ_str(context, v5cred->client, 0),
len);
username[len] = '\0';
- if (second_comp(context, v5cred->client) > 1) {
+ if (second_comp(context, v5cred->client)) {
strcat(username, ".");
p = username + strlen(username);
len = min(get_princ_len(context, v5cred->client, 1),