[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Heimdal client/server with w2k kdc

The crash is definitly related to the pac field. I tested it by using MIT 1.3.1 with the kinit patch from http://mailman.mit.edu/pipermail/krbdev/2003-August/001917.html to get credentials without the pac field.  The telnet client doesn't crash if I don't use the pac field.


MAAAAA MOOOR <huaraz@btinternet.com> wrote:
I try to use Heimdal 0.61 clients together  with a w2k kdc and rc4-hmac.
Most parts work fine except that there are some buffer overflows because of the bigger ticket as windows send the pac field details. In ftpd the command  buffer has to be increased in ftpcmd.c from 2048 to something much bigger (e.g. 2048*16) so that the ADAT command can't send the whole ticket. Also the telnet client crashes, but I didn't find yet where. Does anbody have checked this before ?


>telnet -x server1.test.com
Encryption is verbose
Connected to server1.test.com.
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Trying mutual KERBEROS5 (host/server1.test.com@TEST.COM)... ]
[ Mutual authentication failed: Key size is incompatible with encryption type ]
[ Trying KERBEROS5 (host/server1.test.com@TEST.COM)... ]
Segmentation fault