[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Interoperating with Win2K
Mark Davies <mark@MCS.VUW.AC.NZ> writes:
> OK, with that I certainly get further. I now get the service ticket but
> telnet fails with:
>
> [ Kerberos V5 refuses authentication because krb5_sock_to_principal failed ]
Right, telnetd basically does getsockname() and then gethostbyaddr()
to try to figure out the relevant instance name to use. If you don't
have working backwards resolving you might kludge to code to do what
you want or just apply the appended patch, which disables this in effect.
/assar
Index: kerberos5.c
===================================================================
RCS file: /afs/pdc.kth.se/src/packages/kth-krb/SourceRepository/appl/telnet/libtelnet/kerberos5.c,v
retrieving revision 1.41
diff -u -w -u -w -r1.41 kerberos5.c
--- kerberos5.c 2000/07/02 05:33:48 1.41
+++ kerberos5.c 2000/07/24 00:37:30
@@ -277,7 +277,6 @@
krb5_data outbuf;
krb5_keyblock *key_block;
char *name;
- krb5_principal server;
int zero = 0;
if (cnt-- < 1)
@@ -312,29 +311,13 @@
return;
}
- ret = krb5_sock_to_principal (context,
- 0,
- "host",
- KRB5_NT_SRV_HST,
- &server);
- if (ret) {
- Data(ap, KRB_REJECT, "krb5_sock_to_principal failed", -1);
- auth_finished(ap, AUTH_REJECT);
- if (auth_debug_mode)
- printf("Kerberos V5: "
- "krb5_sock_to_principal failed (%s)\r\n",
- krb5_get_err_text(context, ret));
- return;
- }
-
ret = krb5_rd_req(context,
&auth_context,
&auth,
- server,
+ NULL,
NULL,
NULL,
&ticket);
- krb5_free_principal (context, server);
if (ret) {
char *errbuf;