RT/krbdev.mit.edu: Ticket #4325 src/include/krb5_err.h needs to be updated to match RFC4120

RT/krbdev.mit.edu: Ticket #4325 src/include/krb5_err.h needs to be updated to match RFC4120

Signed in as guest.
[Logout]

[Home]

[Search]

[Configuration]

[Display]

[History]

[Basics]

[Dates]

[People]

[Links]

[Jumbo]

The Basics

Id
4325

Status
new

Worked
0 min

Priority
0/0

Queue
krb5

Keyword Selections

Component	krb5-libs
Version_reported	1.4.4
Version_Fixed
Target_Version
Tags

Relationships

Depends on:

Depended on by:

Parents:

Children:

Refers to:

Referred to by:

Dates

Created:	Mon Sep 25 10:04:42 2006
Starts:	Not set
Started:	Not set
Last Contact:	Not set
Due:	Not set
Updated:	Mon Sep 25 10:56:45 2006 by jaltman

People

Owner
Nobody
Requestors
jaltman@mit.edu
Cc

AdminCc

More about Jeffrey Altman

Comments about this user:
No comment entered about this user
This user's 25 highest priority tickets:

1527: krb5_rd_safe_basic() throws exception when sender_addr is NULL (new)
1809: Krb5 Telnet[d] improperly truncates 3DES keys to DES key (new)
2137: krb5_cc_get_principal prevents implementation of auto kinit dialogs in KfM/KfW (new)
2145: gss_release_buffer() too easily deallocates memory it should not (new)
2147: Debug output hooks need to be added to support Windows Help Desk (open)
2253: W2K+3 vs MIT RC4-HMAC based cross-realm trusts (open)
2536: Krb5 Admin Guide fails to document krb524 (new)
2547: Add support for kpasswd/TCP to kadmind (open)
2596: src/krb524/README out of date (new)
2602: Don't reject renewable of non-renewable tickets (new)
2636: replace all calls to getenv()/setenv() with Get/SetEnvironmentVariable on Windows (open)
2640: krb5_cc_default() blocks for two minutes when MSLSA and Logon Server Unavailable (open)
2736: recode krb5_get_credentials to work without a ccache (new)
3112: telnet does not build on Fedora Core 4 (new)
4157: Windows README is out of date (new)
4325: src/include/krb5_err.h needs to be updated to match RFC4120 (new)
4328: Implement new krb5_get_credentials option: KRB5_GC_REPLACE (open)
4740: cccursor backend for MSLSA (new)
5501: Vista UAC impact on Windows Installer requires modifications to admin privilege test (open)
5536: Build Script Fails to build KFW (open)
5543: Build Scripts fail to package with "beta" version (new)
5714: Build Script - Update for 64-bit Windows build (open)
5718: NIM: BUG: APP: Configuration Identity Panel Apply Button (open)
5720: NIM: BUG: APP: Create command-line request queue (open)
5721: NIM: BUG: KRB5: Identity validation can succeed without prompts (open)

History

Display mode: [Brief headers] [Full headers]

Mon Sep 25 10:04:43 2006	jaltman - Ticket created
Subject: src/include/krb5_err.h needs to be updated to match RFC4120 RFC4120 specifies a number of new error codes. They need to be added to krb5_err.h and the error message table. KDC_ERROR_CLIENT_NOT_TRUSTED 62 Reserved for PKINIT KDC_ERROR_KDC_NOT_TRUSTED 63 Reserved for PKINIT KDC_ERROR_INVALID_SIG 64 Reserved for PKINIT KDC_ERR_KEY_TOO_WEAK 65 Reserved for PKINIT KDC_ERR_CERTIFICATE_MISMATCH 66 Reserved for PKINIT KRB_AP_ERR_NO_TGT 67 No TGT available to validate USER-TO-USER KDC_ERR_WRONG_REALM 68 Reserved for future use KRB_AP_ERR_USER_TO_USER_REQUIRED 69 Ticket must be for USER-TO-USER KDC_ERR_CANT_VERIFY_CERTIFICATE 70 Reserved for PKINIT KDC_ERR_INVALID_CERTIFICATE 71 Reserved for PKINIT KDC_ERR_REVOKED_CERTIFICATE 72 Reserved for PKINIT KDC_ERR_REVOCATION_STATUS_UNKNOWN 73 Reserved for PKINIT KDC_ERR_REVOCATION_STATUS_UNAVAILABLE 74 Reserved for PKINIT KDC_ERR_CLIENT_NAME_MISMATCH 75 Reserved for PKINIT KDC_ERR_KDC_NAME_MISMATCH 76 Reserved for PKINIT KDC_ERR_WRONG_REALM is frequently returned by Active Directory and the users are in turn presented with cryptic error messages. It would be nice if this change could be committed for KFW 3.1.		Download (untitled) 1.3k
Mon Sep 25 10:07:28 2006	jaltman - Component krb5-libs added
Mon Sep 25 10:07:29 2006	jaltman - Version_reported 1.4.4 added
Mon Sep 25 10:44:44 2006	jaltman - Correspondence added

A proposed patch		Download (untitled) 16b
		Download krb5_4325.diff 2.6k
Mon Sep 25 10:56:41 2006	jaltman - Correspondence added

Here is a second version of the patch that includes all of the error messages from PKINIT		Download (untitled) 89b
		Download krb5_4325.diff 3.1k