| From: | "Fabian Müller" <fabian.mueller@fiz-karlsruhe.de> |
| Subject: | Documentation__krb5_get_init_creds_password - Get initial credentials using a password. |
| To: | krb5-bugs@mit.edu |
| Date: | Thu, 9 Jan 2020 14:08:27 +0100 |
Dear maintainers,
I noticed that when krb5_get_init_creds_password is called using an incorrect password, the error code returned is KRB5KDC_ERR_PREAUTH_FAILED (using release 1.17). This is not among the possible return values mentioned in https://web.mit.edu/kerberos/krb5-latest/doc/appdev/refs/api/krb5_get_init_creds_password.html.
Due to the necessary external setup, it is a bit hard to provide a minimal working example, but the libkrb5 source itself seems to agree that this is a possible return value (see e.g. https://github.com/krb5/krb5/blob/krb5-1.17-final/src/clients/kinit/kinit.c#L773-L811).
Possibly the list of return values in the documentation is not meant to be exhaustive; in that case the documentation should say so.
Kind regards,
Fabian Müller
------------------------------------------------------------------------------
FIZ Karlsruhe - Leibniz-Institut für Informationsinfrastruktur GmbH.
Sitz der Gesellschaft: Eggenstein-Leopoldshafen, Amtsgericht Mannheim HRB 101892.
Geschäftsführerin: Sabine Brünger-Weilandt.
Vorsitzende des Aufsichtsrats: MinDirig’in Dr. Angelika Willms-Herget.
FIZ Karlsruhe ist zertifiziert mit dem Siegel "audit berufundfamilie".
I noticed that when krb5_get_init_creds_password is called using an incorrect password, the error code returned is KRB5KDC_ERR_PREAUTH_FAILED (using release 1.17). This is not among the possible return values mentioned in https://web.mit.edu/kerberos/krb5-latest/doc/appdev/refs/api/krb5_get_init_creds_password.html.
Due to the necessary external setup, it is a bit hard to provide a minimal working example, but the libkrb5 source itself seems to agree that this is a possible return value (see e.g. https://github.com/krb5/krb5/blob/krb5-1.17-final/src/clients/kinit/kinit.c#L773-L811).
Possibly the list of return values in the documentation is not meant to be exhaustive; in that case the documentation should say so.
Kind regards,
Fabian Müller
------------------------------------------------------------------------------
FIZ Karlsruhe - Leibniz-Institut für Informationsinfrastruktur GmbH.
Sitz der Gesellschaft: Eggenstein-Leopoldshafen, Amtsgericht Mannheim HRB 101892.
Geschäftsführerin: Sabine Brünger-Weilandt.
Vorsitzende des Aufsichtsrats: MinDirig’in Dr. Angelika Willms-Herget.
FIZ Karlsruhe ist zertifiziert mit dem Siegel "audit berufundfamilie".