Skip Menu |
 

Download (untitled) / with headers
text/plain 2.1KiB
From mhbraun@MIT.EDU Wed Feb 19 20:54:26 1997
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id UAA25176 for <bugs@RT-11.MIT.EDU>; Wed, 19 Feb 1997 20:54:26 -0500
Received: from FOREVER.MIT.EDU by MIT.EDU with SMTP
id AA02102; Wed, 19 Feb 97 20:54:24 EST
Received: by forever.MIT.EDU (8.6.12/4.7) id UAA16194; Wed, 19 Feb 1997 20:54:21 -0500
Message-Id: <199702200154.UAA16194@forever.MIT.EDU>
Date: Wed, 19 Feb 1997 20:54:21 -0500
From: matt@MIT.EDU
Reply-To: matt@MIT.EDU
To: krb5-bugs@MIT.EDU
Cc: matt@MIT.EDU
Subject: krb524init chooses (interfaces) poorly
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 380
>Category: krb5-clients
>Synopsis: krb524init choses the wrong interface on multihomed machines
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: krb5-unassigned
>State: closed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Wed Feb 19 20:55:01 EST 1997
>Last-Modified: Fri Aug 08 00:33:44 EDT 1997
>Originator: Matt Braun
>Organization:

Show quoted text
>Release: 1.0
>Environment:

System: SunOS gag 4.1.3 U1 sun4c sparc
A multihomed machine with a ppp interface and an ethernet interface

Show quoted text
>Description:
I kinit and get krb5 tickets (for both IP addresses) and then run krb524init
to get krb4 tickets I can use with zephyr. Since krb4 only allows one
address, the krb524initd chooses the first one. In my case it chose poorly and
the ticket was useless.

Show quoted text
>How-To-Repeat:
kinit (krb5) on a multihomes machine then run krb524init. Try doing things
with those tickets from both interfaces, one should fail.

Show quoted text
>Fix:
There are 3 solutions I see. 1) add an option to kinit to specify the
addresses that the tickets are usable on. 2) have krb524initd 'guess' which
address to use based on where the packet came from and 3) add an argument to
krb524init to specify which address to use...although this might require a
protocol change.
Show quoted text
>Audit-Trail:

State-Changed-From-To: open-closed
State-Changed-By: tlyu
State-Changed-When: Fri Aug 8 00:32:31 1997
State-Changed-Why:

Fixed. See krb5-misc/275.

Show quoted text
>Unformatted:
Matt Braun