From root@melville.u.washington.edu Thu Aug 7 15:14:49 1997 Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id PAA03599 for ; Thu, 7 Aug 1997 15:14:49 -0400 Received: from melville.u.washington.edu by MIT.EDU with SMTP id AA20408; Thu, 7 Aug 97 15:14:47 EDT Received: (from root@localhost) by melville.u.washington.edu (8.8.4+UW97.07/8.8.4+UW97.05) id MAA113084; Thu, 7 Aug 1997 12:14:46 -0700 Message-Id: <199708071914.MAA113084@melville.u.washington.edu> Date: Thu, 7 Aug 1997 12:14:46 -0700 From: donn@u.washington.edu Reply-To: donn@u.washington.edu To: krb5-bugs@MIT.EDU Subject: ftp generates service principal from cluster, not host X-Send-Pr-Version: 3.99 >Number: 458 >Category: krb5-appl >Synopsis: ftp should use gethostbyaddr() to get canonical service princ. >Confidential: no >Severity: serious >Priority: medium >Responsible: krb5-unassigned >State: open >Class: sw-bug >Submitter-Id: unknown >Arrival-Date: Thu Aug 07 15:15:01 EDT 1997 >Last-Modified: >Originator: Donn Cave >Organization: University of Washington University Computing Services >Release: 1.0pl1 >Environment: Anywhere host names are aliased. System: AIX melville 2 4 000010504900 >Description: Kerberos authentication fails with wrong principal name when ftp attempts to connect to a DNS-supported cluster - where the name used to connect (say "ftphost") is not the name of the host (say "ftphost4".) Or I guess in any other DNS aliased situation. >How-To-Repeat: Use Kerberos authenticated ftp, specify an aliased host. >Fix: I cured this by inserting a gethostbyaddr() right after the gethostbyname() in hookup(). If that succeeds, I copy the name out of hp->h_name. >Audit-Trail: >Unformatted: