[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

enc_part2?

To: heimdal-discuss@sics.se
Subject: enc_part2?
From: Torbj|rn Lindh <torbjorn.lindh@allgon.se>
Date: Mon, 10 Dec 2001 16:05:05 +0100 (MET)
Sender: owner-heimdal-discuss@sics.se

I am trying to get postgres 7.1.3 to use heimdal rather than vanilla MIT krb5,
but after fixing a few minor things I have come across a bit of a stumble.

In a server side file it says:

-----------------------------
/*
 * The "client" structure comes out of the ticket and is therefore
 * authenticated.  Use it to check the username obtained from the
 * postmaster startup packet.
 *
 * I have no idea why this is considered necessary.
 */

static int
pg_krb5_recvauth(Port *port)
{
  krb5_error_code retval;
  int ret;
  krb5_auth_context auth_context = NULL;
  krb5_ticket *ticket;
  char *kusername;

  ...
  retval = krb5_unparse_name(pg_krb5_context, ticket->enc_part2->client,
                             &kusername);
-----------------------------

but krb5.h says:

typedef struct krb5_ticket {
  EncTicketPart ticket;
  krb5_principal client;
  krb5_principal server;
} krb5_ticket;

I don't have any vanilla MIT krb5 so I cannot compare the ticket formats...  
unparse_name wants a principal, so I have tried giving it both client and
server, which, not surprisingly, did not work (Unknown error with a tremendous
error number).

Any hints?

Follow-Ups:
- Re: enc_part2?
  - From: Daniel Kouril <kouril@ics.muni.cz>

Prev by Date: kadmind under the debugger
Next by Date: kerb-set-password-00 implementation?
Prev by thread: kadmind under the debugger
Next by thread: Re: enc_part2?
Index(es):
- Date
- Thread