From mhbraun@MIT.EDU  Wed Feb 19 20:54:26 1997
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id UAA25176 for <bugs@RT-11.MIT.EDU>; Wed, 19 Feb 1997 20:54:26 -0500
Received: from FOREVER.MIT.EDU by MIT.EDU with SMTP
	id AA02102; Wed, 19 Feb 97 20:54:24 EST
Received: by forever.MIT.EDU (8.6.12/4.7) id UAA16194; Wed, 19 Feb 1997 20:54:21 -0500
Message-Id: <199702200154.UAA16194@forever.MIT.EDU>
Date: Wed, 19 Feb 1997 20:54:21 -0500
From: matt@MIT.EDU
Reply-To: matt@MIT.EDU
To: krb5-bugs@MIT.EDU
Cc: matt@MIT.EDU
Subject: krb524init chooses (interfaces) poorly
X-Send-Pr-Version: 3.99

>Number:         380
>Category:       krb5-clients
>Synopsis:       krb524init choses the wrong interface on multihomed machines
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    krb5-unassigned
>State:          closed
>Class:          sw-bug
>Submitter-Id:   unknown
>Arrival-Date:   Wed Feb 19 20:55:01 EST 1997
>Last-Modified:  Fri Aug 08 00:33:44 EDT 1997
>Originator:     Matt Braun
>Organization:
	
>Release:        1.0
>Environment:
	
System: SunOS gag 4.1.3 U1 sun4c sparc
A multihomed machine with a ppp interface and an ethernet interface

>Description:
I kinit and get krb5 tickets (for both IP addresses) and then run krb524init
to get krb4 tickets I can use with zephyr.  Since krb4 only allows one
address, the krb524initd chooses the first one.  In my case it chose poorly and
the ticket was useless.

>How-To-Repeat:
kinit (krb5) on a multihomes machine then run krb524init.  Try doing things
with those tickets from both interfaces, one should fail.

>Fix:
There are 3 solutions I see.  1) add an option to kinit to specify the
addresses that the tickets are usable on. 2) have krb524initd 'guess' which
address to use based on where the packet came from and 3) add an argument to
krb524init to specify which address to use...although this might require a
protocol change.
>Audit-Trail:

State-Changed-From-To: open-closed
State-Changed-By: tlyu
State-Changed-When: Fri Aug  8 00:32:31 1997
State-Changed-Why:

Fixed.  See krb5-misc/275.

>Unformatted:
Matt Braun