Skip Menu |

Download (untitled) / with headers
text/plain 3.3KiB
From Sun Nov 3 13:33:40 1996
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU []) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id NAA00620 for <bugs@RT-11.MIT.EDU>; Sun, 3 Nov 1996 13:33:40 -0500
Received: from [] by MIT.EDU with SMTP
id AA06309; Sun, 3 Nov 96 13:33:37 EST
Received: from (john []) by (8.8.0/8.8.0) with SMTP id KAA00711 for <>; Sun, 3 Nov 1996 10:11:21 -0800 (PST)
Message-Id: <>
Date: Sun, 3 Nov 1996 10:13:34 -0800 (PST)
From: John Gardiner Myers <>
To: krb5-bugs@MIT.EDU
Subject: krb5-beta7: SAM preauth broken

Show quoted text
>Number: 149
>Category: krb5-kdc
>Synopsis: krb5-beta7: SAM preauth broken
>Confidential: yes
>Severity: serious
>Priority: high
>Responsible: eichin
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sun Nov e 13:34:01 EST 1996
>Last-Modified: Mon Nov 25 12:38:55 EST 1996

Responsible-Changed-From-To: gnats-admin->krb5-unassigned
Responsible-Changed-By: tlyu
Responsible-Changed-When: Wed Nov 13 23:27:05 1996
refiled; uncertain as to whether or not this is a 1.0 issue though.

Responsible-Changed-From-To: krb5-unassigned->eichin
Responsible-Changed-By: eichin
Responsible-Changed-When: Tue Nov 19 17:52:31 1996

I've got preauth changes that should fix this.

From: Tom Yu <tlyu@MIT.EDU>
To: "Mark W. Eichin" <eichin@MIT.EDU>
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-libs/149: krb5-beta7: SAM preauth broken
Date: Wed, 20 Nov 1996 13:36:09 -0500

`Tom Yu' made changes to this PR.

*** /tmp/gnatsa0028. Wed Nov 20 13:35:10 1996
--- /tmp/gnatsb0028. Wed Nov 20 13:35:48 1996
*** 14,20 ****
Show quoted text
>Synopsis: krb5-beta7: SAM preauth broken
>Confidential: yes
>Severity: serious
! >Priority: medium
Show quoted text
>Responsible: eichin
>State: open
>Class: sw-bug
--- 14,20 ----
Show quoted text
>Synopsis: krb5-beta7: SAM preauth broken
>Confidential: yes
>Severity: serious
! >Priority: high
Show quoted text
>Responsible: eichin
>State: open
>Class: sw-bug

Priority changed as per release meeting.

State-Changed-From-To: open-feedback
State-Changed-By: eichin
State-Changed-When: Sat Nov 23 17:47:24 1996

Fixed, by correcting the code in the kdc to send out all preauth tags
that it can *construct* rather than all possible ones (leading to
incomplete values, leading to the decoder errors below.)

State-Changed-From-To: feedback-closed
State-Changed-By: tytso
State-Changed-When: Mon Nov 25 12:38:36 1996
State-Changed-Why: Thanks for the bug fix, Mark!

Show quoted text
Setting the "requires_prauth" field of a principal causes kinit to
fail with the message:

kinit: ASN.1 structure is missing a required field while getting initial

Stepping around in the debugger, this error is being generated by the
setup_buf_only() macro of decode_krb5_sam_challenge. This causes kinit to
crap out, even though there is another preauth type that it was able to
obtain answers for.