
Re: Heimdal client/server with w2k kdc



The crash is definitely related to the pac field. I tested it by using MIT 1.3.1 with the kinit patch from http://mailman.mit.edu/pipermail/krbdev/2003-August/001917.html to get credentials without the pac field. The telnet client doesn't crash if I don't use the pac field.

Markus

MAAAAA MOOOR <huaraz@btinternet.com> wrote:
I am trying to use Heimdal 0.61 clients together with a w2k kdc and rc4-hmac.
Most parts work fine except that there are some buffer overflows because of the bigger ticket, as Windows sends the pac field details. In ftpd the command buffer has to be increased in ftpcmd.c from 2048 to something much bigger (e.g. 2048*16) so that the ADAT command can't send the whole ticket. Also the telnet client crashes, but I haven't found where yet. Has anybody checked this before?

Thanks
Markus

>telnet -x server1.test.com
Encryption is verbose
Trying 10.110.11.206...
Connected to server1.test.com.
Escape character is '^]'.
Waiting for encryption to be negotiated...
[ Trying mutual KERBEROS5 (host/server1.test.com@TEST.COM)... ]
[ Mutual authentication failed: Key size is incompatible with encryption type ]
[ Trying KERBEROS5 (host/server1.test.com@TEST.COM)... ]
Segmentation fault
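
As an added illustration of the ftpd point in the quoted message (this is not Heimdal's ftpcmd.c, and the function names are hypothetical): a command reader that rejects a line longer than its buffer instead of overflowing, run against ADAT lines for constructed token sizes of 1200 and 4000 bytes with the 2048 and 2048*16 buffer sizes mentioned above.

```c
#include <stdio.h>
#include <string.h>

/* Wire length of "ADAT <base64>\r\n" (RFC 2228) for a token_len-byte token. */
size_t adat_line_len(size_t token_len)
{
    return 5 + 4 * ((token_len + 2) / 3) + 2;
}

/* Copy one CRLF-terminated command from in[] into buf[]. Returns its length
 * without CRLF, or -1 when no complete line fits in buf_size bytes together
 * with its NUL. Never writes past buf[buf_size - 1]. */
long read_cmd_line(const char *in, size_t in_len, char *buf, size_t buf_size)
{
    if (buf_size == 0)
        return -1;
    for (size_t i = 0; i + 1 < in_len; i++) {
        if (in[i] == '\r' && in[i + 1] == '\n') {
            buf[i] = '\0';
            return (long)i;
        }
        if (i + 1 >= buf_size)      /* no room for this byte plus the NUL */
            break;
        buf[i] = in[i];
    }
    buf[0] = '\0';                  /* reject: caller sends an error reply */
    return -1;
}

/* Feed a constructed ADAT line ('A' filler stands in for base64) to
 * read_cmd_line(). Token sizes passed in main() are constructed values. */
long try_adat(size_t token_len, size_t buf_size)
{
    static char line[8192], buf[2048 * 16];
    size_t n = adat_line_len(token_len);

    if (n > sizeof line || buf_size > sizeof buf)
        return -1;
    memset(line, 'A', n);
    memcpy(line, "ADAT ", 5);
    memcpy(line + n - 2, "\r\n", 2);
    return read_cmd_line(line, n, buf, buf_size);
}

int main(void)
{
    printf("%ld %ld %ld\n", try_adat(1200, 2048), try_adat(4000, 2048),
           try_adat(4000, 2048 * 16));
    return 0;
}
```

Base64 expands the token by a third, so the 4000-byte sample needs a 5343-byte line and is refused by the 2048-byte buffer but accepted by the larger one.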